Listing Description

Senior Cloud Security Engineer

Truveta is the world’s first health provider led data platform with a vision of Saving Lives with Data. Our mission is to enable researchers to find cures faster, empower every clinician to be an expert, and help families make the most informed decisions about their care. Achieving Truveta’ s ambitious vision requires an incredible team of talented and inspired people with a special combination of health, software and big data experience who share our company values.

Our headquarters are in the greater Seattle area but we celebrate and embrace a remote culture.

Who We Need

Truveta is rapidly building a talented and diverse team to tackle complex health and technical challenges. We are seeking candidates inspired by the opportunity to securely apply data in the development of real-world health solutions. Beyond core capabilities, we seek problem solvers, passionate and collaborative teammates, and those willing to roll up their sleeves while making a difference. We do things the right way. Our commitment to security and compliance assurance cannot be stressed enough. This position is critical to ensuring we are successful.

If you are interested in the opportunity to pursue purposeful work, join a mission-driven team, and build a rewarding career while having fun, Truveta may be the perfect fit for you.

This Opportunity

Success in the healthcare industry is predicated on a foundation of trust. We demonstrate our trustworthiness as stewards of health data through three foundational pillars: security, privacy, and compliance.

Position Purpose:

Secure Truveta’s applications, cloud infrastructure, and critical assets from current or emerging cyber threats and exploits. Candidates must understand what matters most to Truveta’s Health Care Partners and the sensitive data Truveta is entrusted to protect.

Primary Tasks and Responsibilities:

• Use prior experience to review and apply industry recognized security frameworks, specifically BSIMM and NIST CSF, to identify and mitigate cyber risks at Truveta


• Assess current cloud native deployments against cloud security best practices


• Review and recommend secure infrastructure configurations using cloud native solutions (e.g., Azure Blueprints, Azure policy, asset tagging)


• Assist in establishing security best practices for automation of patching processes, applications, and cloud infrastructure


• Knowledgeable of CI/CD control requirements to provide guidance to Engineering teams, ensuring adherence to security best practices for all pipeline deployments


• Continuously review security and privacy practices


• Be curious about Truveta’s produces services and how cyber risks and vulnerabilities could impact operations


• Maintain current knowledge and understanding of application and infrastructure security best practices to offer the best solutions and protection to Company services


• Interact with privacy and compliance teams to deliver the Fabric of Trust that will be infused into all Truveta services

Key Qualifications:

• The knowledge, skills and abilities typically acquired through the completion of a bachelor's degree program or equivalent degree in a field of study related to Computer Science, Information Security and Information Systems


• 5+ years of experience in managing vulnerabilities at a fast-paced cloud hosted environment


• Experience in assessing cloud native deployments against cyber security frameworks and applying mitigations as necessary


• Excellent written and verbal skills


• Ability to be a self-starter and motivated to help Engineering teams understand cyber security best practices


• Knowledgeable of cloud native infrastructure deployment best practices


• Able to participate in on-call rotation for 24x7 service requirement


• Experience creating and implementing strategies for complex systems


• Knowledge and experience with information security controls, infrastructure, and implementation techniques


• Experience in Python, .NET, and Java code languages are a plus

Preferred Qualifications

• Certifications in Information Security, e.g., GSEC, CISSP, CCSP, CISM, or other security relevant accreditations


• Certifications in Cloud Security, e.g., GCLD, GCSA, GPCS


• Experience with cyber security configuration frameworks, standards, and best practices


• Experience in delivering product security in one or more public clouds (Azure, AWS, GCP)


• Experience in securely operating highly distributed systems with published SLAs


• Experience with supporting engineering compliance, e.g., HIPAA, ISO, SOC2

Why Truveta?

Be a part of building something special. Now is the perfect time to join Truveta. We have strong, established leadership with decades of success. We are well-funded. We are building a culture that prioritizes people and their passions across personal, professional, and everything in between. Join us as we build an amazing company together. 

We offer:

• Interesting and meaningful work for every career stage


• Competitive compensation


• Comprehensive benefits with strong medical, dental, and vision insurance plans


• 401K plan


• Professional development for continuous learning


• Work/life autonomy via flexible work hours and flexible paid time off


• Generous parental leave


• Regular team activities (virtual and in-person as soon as we are able)

Truveta is committed to creating a diverse, inclusive, and empowering workplace. We believe that having employees, interns, and contactors with diverse backgrounds enables Truveta to better meet our mission and serve patients and health communities around the world. We recognize that opportunities in technology historically excluded and continue to disproportionately exclude Black and Indigenous people, people of color, people from working class backgrounds, people with disabilities, and LGBTQIA+ people. We strongly encourage individuals with these identities to apply even if you don’t meet all of the requirements.