Altais

Senior Manager, Information Security and Trust

1 month agoOakland, CA

At Altais, we're looking for bold and curious innovators who share our passion for enabling better health care experiences and revolutionizing the healthcare system for physicians, patients, and the clinical community. Doctors today are faced with the reality of spending more time on administrative tasks than caring for patients. Physician burnout and fatigue are an epidemic, and the healthcare experience and quality suffer as a result. At Altais, we're building breakthrough clinical support tools, technology, and services to let doctors do what they do best: care for people. Come join us as an early member of our passionate and growing team as we change the game for the future of healthcare and enable the experience that people need and deserve.

Description

Job Summary:Do you enjoy working with a highly motivated and talented team to deliver mission-critical healthcare SaaS platform that change the way healthcare is delivered? We've got a great opportunity to be part of a start-up business with the resources and leadership of an experienced next-generation clinical and services organization.

We are building out our Security team which will work heavily with DevOps, Engineering, Compliance, Legal, and Enterprise Risk. Our platform runs almost entirely on Kubernetes in AWS with data layer and ML/AI distributed between AWS, GCP, and Azure. You should have technical experience in building secure infrastructure and SaaS applications for scalability and resiliency. This position is located in our Oakland City Center.

About the Work:As a Senior Manager, Information Security, you will secure our SaaS and data platforms across the spectrum of technology stack.


  • Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program.

  • Partner with business stakeholders across the company to raise awareness of risk management concerns.

  • Represent Cyber Secruity in Architecture Review and Change Management Boards

  • Building and managing the security team.



Qualifications

The Skills, Experience & Education You Bring:
  • Bachelor's Degree in Engineering, Computer Science or related fields or equivalent experience, Master's Degree preferred.
  • 10 Years of experience with a through understanding of information security principles and practices.
  • 4 years of management experience.
  • Experience designing, building, and operating large-scale production Software-as a-Service platform.
  • Production experience with DevSecOps running web and/mobile applications.
  • Hands-on experience with AWS cloud platform (Optional: GCP or Azure).
  • Developing Secure CI/CD processes to improve cadence.
  • A solid understanding NodeJS and Java.
  • Experience with Terraform since we run Security-as-Code.
  • Moderate understanding on how database works, writing queries to interact with databases, and troubleshooting complex data layers. Open-source databases (MySQL, Postgres, Redis, Cassandra, etc.).
  • Securing our production and non-production infrastructure and applications by pro-actively monitoring and keeping systems up to date with latest critical OS and application patches.
  • Experience with application security tools including DAST, SAST, Penetration testing, Fuzzing etc.
  • Functional knowledge of security regulatory requirements (CCPA, GDPR, PCI, NIST SP 800-53, etc.).
  • Functional knowledge of common security certification (i.e. ISO 27001, SOC 1/2).
  • Deep experience in fundamental internet protocols: TCP/IP, HTTP, SSL/TLS, Routing protocols.
  • Understanding of Identity and Access Management protocols and technologies (FIDO, U2F, Web-Auth, SSO, SAML, OAuth, Federation, etc.).
  • Experienced with supporting various types of M&A activity.
  • Experienced with owning budgets, scorecards and developing roadmaps.
  • Has hands-on experience using source control (Git, GitHub) and feature branching strategies.
  • Have a track record of embedding security into the fabric of an organization and infrastructure.
  • Maintain accurate reporting of GRC remediation activities to bring appropriate visibility to stakeholders.


You Share our Mission & Values:
  • You are passionate about improving the healthcare experience and want to be part of the Altais mission.
  • You are bold and curious- willing to take risks, try new things and be creative.
  • You take pride in your work and are accountable for the quality of everything you do, holding yourself and others to a high standard.
  • You are compassionate and are known as someone who demonstrates emotional intelligence, considers others when making decisions and always tries to do the right thing.
  • You co-create, knowing that we can be better as a team than individuals. You work well with others, collaborating and valuing diversity of thought and perspective.
  • You build trust with your colleagues and customers by demonstrating that you are someone who values honesty and transparency.


Physical Requirements

Office Environment - roles involving part to full time schedule in Office Environment. Based in our physical offices and work from home office/deskwork - Activity level: Sedentary, frequency most of work day.
Please click here for further physical requirement detail.

External hires must pass a background check/drug screen. Qualified applicants with arrest records and/or conviction records will be considered for employment in a manner consistent with Federal, State and local laws, including but not limited to the San Francisco Fair Chance Ordinance. All qualified applicants will receive consideration for employment without regards to race, color, religion, sex, national origin, sexual orientation, gender identity, protected veteran status or disability status and any other classification protected by Federal, State and local laws