Are you a Security Risk Leader who is passionate about applying scientific methods to security while preparing us for the potential “worse case” scenarios?
Redox is searching for an exceptionally talented Tech Lead for our Security Risk Operations team. In this role, you will set the direction for our security risk management processes, prepare the company to handle security incidents, and ensure our vulnerability and issue management processes are efficient and scalable.
Redox Security Engineers solve the most challenging technical security problems holding back healthcare technology while making a huge impact on the daily lives of patients. Effective security programs are driven by risk management. Security Risk Operations ensures our team has robust processes to identify, assess and manage the security risks of our organization. At Redox, we use quantifiable practices to ensure we are correctly prioritizing and able to measure the impact of the company’s security program and initiatives. Additionally, we ensure our business is prepared to respond appropriately, in the event that these risks do eventuate.
You will be responsible for technical leadership and hands-on building, operating, and maintaining the Security Risk Operations function at Redox.
Be an active voice in our small, focused security team as the primary engineer responsible for Risk Operations
Design and facilitate the processes by which we conduct quantifiable security risk assessments and forecasts
Describe complex problems we face in broadly-understandable terms based on the audience (stakeholders)
Approach securing our company pragmatically, empathizing with our business to understand our needs while ensuring key risks are being addressed
Own our incident response processes and procedures, including facilitation of tabletop exercises
Work with engineering and security teams to ensure we are prepared, technically and procedurally, to respond to incidents
Support security incident response during security incidents by providing leadership and coordination across business functions
Build and oversee our business processes for vulnerability management
Maximize security impact and reduce risk while minimizing the negative impact on our business’s velocity
Implement and maintain scalable Vendor Risk Management processes
3+ years of hands-on experience with quantifiable risk management processes
Knowledge of current security threats, risks, and processes to quantify and manage them
Ability to distill complex security threats and risks into simple terms for non-security (and even non-technical) stakeholders, including clear communication and leadership during incidents
Ability to build and maintain effective incident response procedures, including training and exercises
Experience with Vendor Security Management processes and tools
Some development or quantitative science experience is highly desired
This is a remote based opportunity. You can live and work anywhere within the US. We are only hiring for US based candidates.