Principal DevSecOps Engineer

Engineering Seattle, WA
About Wheel

Wheel is bringing the future of work to healthcare. Wheel is a first-of-its-kind enterprise that provides healthcare clients access to a flexible workforce of virtual care clinicians, and the tech-enabled infrastructure required to mobilize it rapidly and compliantly to improve patient access to care. Our mission is to change the way healthcare works by putting clinicians first, because happier clinicians make healthier patients. 

We’re headquartered in Austin, Texas, and recently named one of Built In Austin’s 50 Startups to Watch in 2020. Wheel is venture-backed by top investors with a track-record of growth-- and we’re ready to build an amazing team with top-tier talent like you!


Job Summary

As the Principal DevSecOps Engineer, you will help Wheel maintain a security & privacy-first culture, and implement robust security solutions needed to maintain client and patient trust in our “AWS of Virtual Care” platform. 

In this dynamic role, you will:
- Work closely with the engineering team to support 24/7/365 multi-cloud operations, provide maximum uptime and security
- Implement new security tools and systems based on InfoSec policies
- Evaluate security tooling implementation; recommend and deploy enhancements
- Assist in developing, implementing and enforcing policies to enhance physical, network and system security
- Recommend technical security policies and implement, or consult with engineering team on, remediations
- Ensure adherence to secure development practices
- Become the subject matter expert on customer security and compliance topics
- Develop and maintain answers to common customer questions about Wheel security, compliance certifications, and evolving privacy/security regulations 
- Respond to customer requests including contributing to RFPs, completing security questionnaires, and meeting with customers to answer their security questions 
- Foster and evangelize DevOps culture and product ownership amongst engineering teams
- Contribute to customer-facing policies, and other resources that can be shared with customers on SOC 2, HIPAA, and other security/compliance topics


About You

- You have one or more recognized security and cloud specific certifications, e.g., CCSP, SSCP, CISSP, CCSK
- Very strong in-depth hands-on experience with Amazon Web Services, including EC2, IAM, Load Balancers, S3, RDS, VPC, Lambda, KMS, API Gateway, Elasticsearch, GuardDuty and Inspector (or Google Cloud Platform equivalents)
- Experience with Kubernetes, Docker Swarm, or other Docker orchestration offerings
- Experience with the following: implementing enterprise-grade security solutions; Designing, implementing, and supporting service provider (xSP, SaaS, IaaS, PaaS, MBaaS, etc.) environments; Continuous Integration and Continuous Delivery using CircleCI or similar CI tooling; Configuration management software and Infrastructure-as-code (Terraform) scripting in Python, Bash or similar
- Strong understanding of security solutions or activities such as: IDS/IPS solutions; Static, Dynamic and Interactive security assessment solutions; Penetration Test tooling and external Penetration Test offerings; Safeguards for network security including perimeter and lateral movement; Recurring security scans and develop remediation plans; Vulnerability management using tools like Nessus; Security SIEMs like AlienVault or SecurityCenter; Malware and AntiVirus detection and prevention tools
- Experience with the fundamentals of the following/similar: OWASP and other security standards; SOC-2, HITRUST, and other auditing techniques


Equal Employment Opportunity Statement 

At Wheel, we know we will go further together by celebrating diversity, and that starts by honoring each of our unique life experiences. That’s why we are committed to ensuring a safe work environment where employees are not discriminated against based on age, race, ancestry, religion, sex, gender identity, sexual orientation, pregnancy, marital status, ancestry, physical or mental disability, military or veteran status, national origin, or any other characteristic protected by law. We are proud to be an equal opportunity employer that believes in health, equality, and prosperity for everyone so we can succeed in changing the way healthcare works.