Hi, we're Oscar. Were hiring a Security Engineer, Detection & Response to join our Security team in our New York office.
Oscar is a technology-driven, consumer-focused health insurance startup founded in 2012 & headquartered in New York City. Our goal is to make health insurance simple, transparent, & human. We need your help to do so.
About the role:
Taking care of our members includes securing their data. The mission of the Security team is to protect the data our customers have entrusted to us, & make it possible for Oscar management to make informed, risk-calibrated decisions.
As a Security Engineer, Detection & Response, you will support the information security incident response efforts by collecting & analyzing evidence & providing reports of identified threats, as well as search for insider threats. You will work with other Security team members & partner cross-functionally with Engineering, IT, & SRE to to help prioritize & close control gaps & reduce enterprise risk.
You will report into the Director of Detection & Response.
- Participate individually & as part of a team in threat intelligence collection & threat hunting activities
- Systematically test the ability of security controls to continuously drive improvements in threat protection & detection
- Be an active member of the enterprise information security incident response team, provide oversight over security investigations, & assists with the disciplinary & legal matters associates with security breaches & policy violations as necessary
- Support the overall improvement of the security process & documentation
- Conduct proactive threat\vulnerability research
- Keeps informed of new technologies or application methodologies through publications, membership in professional organizations & contact with other IT organizations & institutions
- Participate in the design & day-to-day administration of security systems that reflect state-of-the-art security best practices & compliance, ensuring a focus on balancing security effectiveness without introducing material operational friction
- Have a minimum of 4 years of career experience related to security operations & incident response
- Applied your skills in reverse engineering, computer forensics, ethical hacking, & threat hunting to solve problems in a technology-first environment
- Previous experience in particular OS environments (Mac & Linux) as well as cloud environments (AWS & GCP)
- Able to analyze system & network logs to piece together what happened
- In-depth technical understanding that enables you to assess security risks in a technology-heavy company
- Can fluently communicate security risks to both technical & non-technical audiences
Life at Oscar:
At Oscar, being an Equal Opportunity Employer means more than upholding discrimination-free hiring practices. It means that we cultivate an environment where people can be their most authentic selves & find both belonging & support. We're on a mission to change health care -- an experience made whole by our unique backgrounds & perspectives.
We encourage our members to care for their whole selves, & we encourage our employees to do the same with comprehensive medical benefits, generous paid-time off, paid parental leave, retirement plans, company social events, stocked kitchens, wellness programs, & volunteer opportunities.
Oscar applicants are considered solely based on their qualifications, without regard to applicants disability or need for accommodation. Any Oscar applicant who requires reasonable accommodations during the application process should contact the Oscar Benefits Team (firstname.lastname@example.org) to make the need for an accommodation known.
Pay Transparency Policy:
Oscar ensures that you won't be discharged or discriminated against based on whether you've inquired about, discussed, or disclosed your pay. Read the full policy here.