security
Posted Mar 11
Staff Security Engineer
Santa Monica, United States
Hybrid
Responsibilities
- Build security directly into the platform: Design and implement automated controls, policies, and tooling that embed security into our infrastructure and engineering workflows rather than relying on manual review processes.
- Own infrastructure security and automation: Expand and strengthen Infrastructure as Code practices using Terraform to ensure infrastructure is provisioned securely, consistently, and auditably across environments.
- Where necessary, deploy and integrate security tooling that strengthens our detection, prevention, and response capabilities across the platform.
- Lead cloud and network security design: Design secure networking architectures including VPC configuration, private networking, firewall policies, and edge protections that safeguard internal systems and customer data.
- Drive compliance readiness and regulatory maturity: Lead security initiatives required for frameworks such as SOC 2 and HIPAA, including control design, remediation work, audit preparation, and long-term security improvements.
- Develop guidelines and protocols for the responsible and secure use of emerging technologies, including AI and LLMs, within both our product and internal workflows.
Requirements
- Pivotal Health combines software, data, and service into a seamlessly integrated, AI-driven platform that simplifies these complex reimbursement workflows.
- experience designing and operating secure cloud-native systems (AWS or GCP; GCP preferred)
- Deep hands-on experience with Infrastructure as Code, particularly Terraform
- Strong understanding of cloud networking and secure architecture (VPCs, private networking, routing, firewall policies)
- Experience implementing secrets management and security controls across cloud environments
- Experience contributing to or leading security and compliance audits (SOC 2, HIPAA, ISO, NIST, or similar)
- Strong engineering fundamentals with the ability to explain security architecture and tradeoffs clearly to technical teams
- Strong computer science or software engineering foundation with the ability to communicate effectively “engineer-to-engineer.”
- Familiarity with common security frameworks and principles such as the OWASP Top 10, OSI model, and modern cloud security practices.
- Experience participating in or supporting penetration testing, offensive security exercises, or vulnerability remediation efforts.
- You prefer pragmatic, custom-fit solutions over "buying your way out" of a problem with expensive, bloated enterprise tools.
- You are comfortable operating in a fast-moving environment where you may be both defining the strategy and executing hands-on technical work.
EXTRA CREDIT EXPERIENCE