Garner Health
Security Engineer II
Job Summary
The role involves designing, implementing, and operating security tools and services across cloud and on-premises environments with a focus on cloud platforms like AWS and GCP. Responsibilities include monitoring for security threats, managing vulnerabilities, ensuring compliance with standards such as HITRUST and SOC 2, and developing security training programs for staff. Candidates should have extensive experience in security engineering, scripting, and managing security in cloud infrastructures, with strong knowledge of security best practices and tools. The position offers an opportunity to work remotely in a fast-growing healthtech company, contributing to safeguarding digital assets and enhancing organizational security posture.
Required Skills
Benefits
Job Description
Healthcare quality is declining and soaring costs are crushing American families and businesses. At Garner, we’ve developed a revolutionary approach to evaluating doctor performance and a unique incentive model that's reshaping the healthcare economy to ensure everyone can afford high quality care. By providing organizations relief from surging healthcare costs, we've experienced rapid adoption in the market and have more than doubled our revenue annually over the last 5 years, becoming the fastest growing company in our space. To support our continued growth, we're expanding our team by over 50% each year, seeking exceptional talent to shape our unique, award winning culture (for example, USA Today Top Workplaces 2025) designed to cultivate teamwork, trust, autonomy, exceptional results, and individual growth that creates an inflection point in your career.
About the role:
We are seeking a skilled and motivated Security Engineer to join our dynamic team. As a Security Engineer, you will play a crucial role in safeguarding our organization's digital assets, ensuring the integrity and confidentiality of our systems and data. You will be responsible for the implementation and operations of security tooling with your existing IAC/platform skills, maintaining security controls, and responding to security incidents and breaches. This role offers an exciting opportunity to work with cutting-edge technology and improve the overall security posture of our organization.
This position is fully remote.
What you will do:
- Security Engineering: Design, implement, and operate security tooling and services in cloud (including IAC related components) and on-premises ecosystems including, but not limited to, AWS and GCP, Snowflake, Wiz, Okta.
- Incident Detection and Response: Monitor security landscape for suspicious activity, investigate potential security incidents, and coordinate incident response efforts to mitigate threats and minimize their impact.
- Vulnerability Management: Assist regular vulnerability assessments and penetration tests, analyze results, and collaborate with relevant teams to prioritize and remediate security vulnerabilities in a timely manner.
- Security Compliance: Ensure compliance with relevant security standards, regulations, and best practices (e.g., HITRUST, SOC 2, ISO 27001) through continuous monitoring, auditing, and enforcement of security policies and procedures.
- Security Awareness and Training: Develop and deliver security awareness training programs for employees, educate stakeholders on security best practices, and promote a culture of security awareness throughout the organization.
- Security Incident Documentation and Reporting: Document security incidents, their resolution, and lessons learned for future reference. Prepare and present regular reports on security metrics, incidents, and trends to management and relevant stakeholders.
- Security Tool Evaluation and Integration: Research, evaluate, and recommend new security technologies, tools, and processes to enhance the organization's security posture and capabilities. Integrate new security solutions into existing infrastructure as needed.
- Collaboration and Communication: Work closely with cross-functional teams, including IT, engineering, and compliance, to align security initiatives with business objectives, identify security requirements, and ensure the effective implementation of security controls.
What you will bring to the team:
- Ability to work autonomously while collaborating with cross-functional teams, can successfully manage multiple projects simultaneously, and effectively communicate technical information to non-technical stakeholders.
- In-depth knowledge of auditing cloud infrastructure for security risks, creating solutions that defend against those risks, and designing processes that provide systemic prevention against the risks.
- Strong understanding of common application and infrastructure security vulnerabilities and attack vectors as well as techniques for their detection, prevention, and mitigation.
- Strong understanding of and proven ability with Terraform in a cloud environment.
- Strong understanding of cloud IAM principles and best practices.
- Experience with using a SIEM to detect indicators of compromise, identifying the impact, and generating incident reports.
- Independent ability to write scripts or automated tooling.
- Understanding of network security principles, protocols, and technologies
- Experience with threat modeling cloud-native applications (NodeJS and Python) and data pipelines.
- Experience with writing scripts or automation in any of the following languages: Bash, JavaScript, Python, or Golang.
- Experience with IAC related tooling, such as Terraform or Pulumi.
- Experience with deploying and managing Data Loss Prevention (DLP) tools in a regulated environment.
- Proven experience (4+ years) in a security engineering role, preferably in a fast-paced environment such as a technology company or HealthTech company.
- Recent experience with our tech stack:
Technologies we use:
AWS and its security tools: CloudTrail, GuardDuty, Control Tower, and Identity Center, Wiz, DataDog SIEM, Socket.dev (or other SCA tools like Trivy), Snowflake, Kubernetes / container security
Compensation Transparency:
The target salary range for this position is: $150,000 - $180,000. Individual compensation for this role will depend on various factors, including qualifications, skills, and applicable laws. In addition to base compensation, this role is eligible to participate in our equity incentive and competitive benefits plans, including but not limited to: flexible PTO, Medical/Dental/Vision plan options, 401(k), Teladoc Health and more.
Fraud and Security Notice:
Please be aware of recent job scam attempts. Our recruiters use getgarner.com email domain exclusively. If you have been contacted by someone claiming to be a Garner recruiter or a hiring manager from a different domain about a potential job, please report it to law enforcement here and to [email protected].
Equal Employment Opportunity:
Garner Health is proud to be an Equal Employment Opportunity employer and values diversity in the workplace. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics.Garner Health is committed to providing accommodations for qualified individuals with disabilities in our recruiting process. If you need assistance or an accommodation due to a disability, you may contact us at [email protected].
Garner Health
Garner Health is the best way to reduce costs, improve employee engagement, and incorporate value-based care into your benefits program.
See more jobsSafe Remote Job Search Tips
Verify Employer Thoroughly
Research the company's identity thoroughly before applying. Check for a professional website with contacts, active social media, and LinkedIn profiles. Verify details across platforms and look for reviews on Glassdoor or Trustpilot to confirm legitimacy.
Never Pay to Get a Job
Legitimate employers never require payment for applications, training, background checks, or equipment. Always reject upfront payment requests or demands for bank details, even if they claim it's for purchasing necessary work gear on your behalf.
Safeguard Your Personal Information
Protect sensitive data like SSN, bank details, or ID copies. Share this only after accepting a formal, written job offer. Ensure it's submitted via a secure company system or portal, never through insecure channels like standard email attachments.
Scrutinize Communication & Interviews
Watch for communication red flags: poor grammar, generic emails (@gmail), vague details, or undue pressure. Be highly suspicious of interviews held only via text or chat apps; legitimate companies typically use video or phone calls.
Beware of Unrealistic Offers
If an offer's salary or benefits seem unrealistically high for the work involved, be cautious. Research standard pay for similar roles. Offers that appear 'too good to be true' are often scams designed to lure you into providing information or payment.
Insist on a Formal Contract
Always secure and review a formal, written job offer or employment contract before starting work or sharing final personal details. Ensure it clearly defines your role, compensation, key terms, and conditions to avoid misunderstandings or scams.