Security Engineer

Job Description

Job Description

You will be working in the company’s fast-growing security team to better meet the needs of our customers in the global healthcare sector.  As a contract Security Engineer, you will have the opportunity to work closely with our DevOps, hardware, software, AI, and cloud engineering teams to secure our product and our cloud security architecture. As we scale our business internationally and into large enterprises, security has never been more important to our company and those patients we help every day.

As part of our team, your core responsibilities will be:

• Design, configure and implement security solutions, tools, and services to protect Butterfly’s network environment.
• Solve complex security challenges and drive security improvements
• Leverage threat models to define requirements and identify gaps to address threats
• Perform security reviews of Butterfly’s infrastructure, products, and services
• Ensure tight coupling between Security and DevOps through collaboration with engineers
• Provide technical expertise on trends and emerging standards to cloud security landscape
• Work closely with team members to effectively enhance, implement and configure scalable security technologies, and enhance detection and response capabilities
• Implement, review, and maintain strong access controls and identity roles within the cloud infrastructure
• Supports our CISO in additional security projects, as needed

Qualifications

Baseline skills/experiences/attributes:

• BS degree in related field or equivalent experience. MS degree in a related field or equivalent experience is a plus
• Minimum 3+ years of experience design and implement security infrastructure services in AWS, including monitoring, vulnerability management, SIEM, PAM, KMS, and data protection
• Experience with implementation of multi-tenant cloud environments
• Strong understanding of networking basics, including firewall, IDPS, and segmentation
• Hands-on experience working with AWS services and tools such as IAM, CloudTrail, CloudWatch, SecurityHub, GuardDuty, Inspector, Shield, WAF, KMS, Secrets Manager, Lambda, CloudWatch, PagerDuty
• Familiar with serverless compute such as AWS Lambda and container implementations with EKS, Kubernetes, etc.
• Experience leading design and security reviews of cloud-based systems
• Ability to work closely with hardware, software, and cloud engineers
• CISSP, OSCP, GIAC, and or AWS Certified Security Specialty a plus
• Perform a broad variety of tasks in support of the role and responsibilities

Ideally, you also have these skills/experiences/attributes (but it’s ok if you don’t!):

• Familiarity with DevSecOps, CI/CD, AppSec, and agile methodology
• Google Cloud Platform security experience
• Experience creating and maintaining threat models
• Experience working in a high-growth scaling environment