Job Description :
Job Title : Sr. Security Engineer Location: Redmond, WA Duration: Contract Job Description: Responsibilities: As Sr. Security Engineering for the Security Infrastructure team, you will design, build and deliver the security foundation for our services in the cloud You will interact with privacy and compliance teams to deliver the Fabric of Trust that will be infused into all services that we provide Guide organization's security and privacy initiatives by participating in design reviews and threat modeling Educate our teams on secure application development and emerging threats Evaluate security tools for internal consumption Create new tools, conduct industry-leading research, and solve challenging technical problems on the forefront of application security Participate in our incident response and vulnerability remediation efforts Develop secure code practices and provide hands-on training to developers Identify threats Ongoing review of security and privacy practices Ensure that we can respond to security and privacy issues Key Qualifications Bachelors or master's in computer science, Electrical Engineering, Information Systems, or equivalent 6-8 years of experience in Information Security & development experience 5+ years of experience in delivering product security for commercially shipping systems in one or more of the following areas: Authentication/Authorization, Applied Cryptography, OS security, Intrusion detection & system monitoring Experience with 1 or more security risk assessment or threat modeling processes (e.g.: STRIDE) Experience in SaaS security models, cloud security architecture and cloud infrastructure Experience developing and maintaining HIPAA-compliant environments Willingness to actively drive compliance mindset Experience working with C#, Java or other modern programming languages Preferred Qualifications Experience in delivering product security in health, finance or related industries Experience in delivering product security in one or more public clouds (Azure, AWS, GCP) Experience in securely operating highly distributed systems with published SLAs. Experience with supporting engineering compliance, e.g., HIPAA, ISO, SOC1, SOC2, HITRUST CSF, COBIT, GDPR Certifications in security with a focus on healthcare data, e.g., HITRUST CSF, CISSP, CISA, Privacy, HIPAA