Senior Cloud Security Engineer, League

CA$151-185k

AWS
Kubernetes
GCP
Python
Senior level
Remote in Canada
League

Consumer experience platform for healthcare

Job no longer available

League

Consumer experience platform for healthcare

501-1000 employees

HealthcareB2BPersonal healthSaaSData Analysis

Job no longer available

CA$151-185k

AWS
Kubernetes
GCP
Python
Senior level
Remote in Canada

501-1000 employees

HealthcareB2BPersonal healthSaaSData Analysis

Company mission

To power next-generation healthcare experiences with a platform built to enable CX transformation.

Job

Company

Role

Who you are

  • We are accepting applicants who have existing software engineering experience and want to explore security and applicants who may have done a security program in a post-secondary institution
  • Bachelor of Science degree (BS) in Computer Science (or a related field)
  • Good knowledge of common system and application vulnerabilities and countermeasures
  • Direct and recent working experience with at least two of the following compliance programs: ISO 27001, SOC 2, HIPAA or HITRUST
  • You have exposure to application or cloud security and secure coding best practices
  • You understand how web and mobile applications are built
  • You are able to write code in Python or similar higher level languages
  • Preferred certifications: CISSP, CCSP, OSCP
  • Experience with GCP and AWS security best practices
  • Experience with cloud security tools including CSPM, CWPP, and DLP
  • Experience with container and VM hardening

What the job involves

  • League’s security engineering teams are responsible for scaling security in the development lifecycle and managing security incident management
  • We believe in security by design and follow a paved road philosophy by building or buying tools that we can integrate into our platform to level-up our security posture
  • Security is everyone’s responsibility, but security engineering is how we make it possible for engineers to ship high quality code to production several times per day with security baked in
  • Team Coordination: Collaborate with the broader security engineering team to discuss ongoing projects, share updates, and troubleshoot any issues that arise. This includes coordinating efforts with colleagues specializing in different areas of security, such as application, infrastructure, and cloud
  • Security Consultation: Meet with software engineers to provide guidance on securely implementing security measures in their projects. This could involve discussions on implementing zero-trust principles, designing secure service mesh architectures, or addressing specific security concerns
  • Cloud Infrastructure Automation: Work on automating the deployment and configuration of security measures within League's public cloud environment. This includes leveraging infrastructure-as-code (IaC) principles to define and manage resources, streamline processes, and ensure consistent security across cloud projects
  • Security Maturity Assessment: Conduct regular assessments of League's overall security maturity. Identify areas for improvement, propose solutions, and track progress over time
  • Cloud Security Management: Review and adjust the configuration of cloud security tools, including Cloud Security Posture Management (CSPM), Cloud Workload Protection Platforms (CWPP), and others, to ensure they are effectively monitoring League's cloud environments for threats, misconfigurations, and compliance violations
  • Container and Kubernetes Security: Implement and maintain security measures for containerized workloads and Kubernetes environments. This includes container hardening, runtime security monitoring, and ensuring secure Kubernetes configurations and access controls
  • Documentation and Knowledge Sharing: Document findings, recommendations, and security best practices for future reference, with a focus on public cloud-specific security considerations. Share this knowledge with the development team and contribute to League's knowledge base to continuously improve security awareness
  • Continuous Learning: Dedicate time to staying informed about the latest security threats, vulnerabilities, and industry trends, with a particular emphasis on public cloud security best practices and emerging technologies. This involves reading security blogs, attending webinars, participating in training sessions, and pursuing relevant certifications
  • Incident Response: Assist in the investigation and remediation of security incidents to minimize their impact on League's systems and data, particularly those occurring within the public cloud environment
  • Mentorship: Share expertise with less experienced engineers on the team, particularly in areas like public cloud security, zero-trust, service mesh, container security, and Kubernetes security, fostering a culture of continuous learning and growth within League's security organization
  • Security-Related Responsibilities:
  • Compliance with Information Security Policies
  • Compliance with League’s secure coding practice
  • Responsibility and accountability for executing League's policies and procedures
  • Notification of HR, Legal, Compliance & Security of any incidents, breaches or policy violations

Application process

  • Applying to a role you love can be exhausting, and understanding the next steps can feel vague and uncertain
  • You have done the hard part of submitting your application; let's do ours by sharing potential next steps
  • You should receive a confirmation email after submitting your application
  • A recruiter (not a computer) reviews all applications at League
  • If we see alignment with League's needs, a recruiter will reach out to learn more about your goals. The recruiter will also share the team-specific interview process depending on the roles you are exploring
  • The final step is an offer, which we hope you will accept!
  • Prior to joining us, we conduct reference and background checks. Additional checks could be required for US Candidates, depending on the role you are exploring

Our take

Health benefits are a top requirement for anyone seeking a new job in the US today, but classic one-size-fits-all plans are no longer regarded fit for service. League's platform - for payers, providers, consumer health businesses, and employees - connects all benefits in one HIPAA-compliant place, to enable all bodies involved with health benefits to provide better customer healthcare experiences.

League is already one of the bigger players in the employee wellness space, having capitalized on the recently accepted correlation between employee health and productivity to secure huge clients like Uber, Shopify and Unilever. The company has seen significant investment which will support the scaling of its platform-as-a-service offering, to position it as the leading digital infrastructure for an integrated health ecosystem.

Freddie headshot

Freddie

Company Specialist

Insights

Top investors

Few candidates hear
back within 2 weeks

-4% employee growth in 12 months

Glassdoor (2.8)

Glassdoor star iconGlassdoor star iconGlassdoor star iconGlassdoor star iconGlassdoor star icon

Company

Funding (last 2 of 4 rounds)

Feb 2022

$95m

SERIES C

Jul 2018

$47.1m

SERIES B

Total funding: $171.1m

Company benefits

  • Flexible medical and dental plans
  • 401(k) and RRSP matching programs
  • Health, lifestyle, learning and family spending accounts
  • Employee stock option program (ESOP)
  • Generous leaves (including parental and sabbatical)
  • Flexible time off

Company values

  • Creating a healthier future: We believe in what we do, and we are not afraid of audacious goals or big ideas. We are here to change the lives of millions.
  • Aspiring to live our best lives: We encourage each other to live life to the fullest, inside and outside the office.
  • Building a dream team: We believe success is a teams sport. We all contribute to the growth of our team by listening, learning, being respectful, lending a helping hand and championing diversity.
  • Taking ownership: We trust you to do your job, take risks, succeed, fail and try again. Take initiative, get creative and be resourceful. We're behind you 100%.
  • In it to win it, together: We have a huge mission, so bring all of your mabition, innovation, ingenuity, creativity and grit. This is not for the faint of heart.
  • Invested in inclusion: We believe that every Leaguer belongs.

Company HQ

Entertainment District, Toronto, ON

Leadership

Michael Serbinis

(CEO)

Founder of DocSpace and Kobo. Experience as CEO for Three Angels Capital and Board Director for Vector Insitute, among other prominent business leadership roles.

Share this job

View 11 more jobs at League