Included Health

www.includedhealth.com

1 Job

1,661 Employees

About the Company

Included Health delivers personalized, all-in-one healthcare to millions of people nationwide. We provide healthcare access, answers, and advocacy through a modern experience designed to treat people better--mind, body, and wallet. It's all included: - virtual and in-person care - system-wide navigation and care coordination - 24/7 support for every clinical and administrative needs Our members experience better care, better outcomes, more healthy days, and lower overall costs.

Listed Jobs

Company Name: Included Health
Job Title: Staff Cloud Security Engineer
Job Description: Job title: Staff Cloud Security Engineer Role Summary: Senior engineer responsible for designing, developing, and automating advanced security controls across AWS and GCP environments. Leads the creation of robust authorization frameworks, Just‑In‑Time access, and infrastructure‑as‑code security configurations to protect PHI and sustain HIPAA compliance. Expectations: Deliver secure, maintainable code in Python and Go; extend Terraform IaC modules; collaborate cross‑functionally with infrastructure, DevOps, and product teams; mentor peers on cloud security best practices. Key Responsibilities: - Design & implement authorization models (RBAC/ABAC/Policy‑as‑Code) and JIT access systems for production resources. - Build automation tools, scripts, and services (Python/Go) for vulnerability management, compliance checks, and incident response. - Develop Terraform modules to enforce security configurations and audit controls. - Create centralized security controls (e.g., engineered WAF, secured development toolchain, webhook testing mechanisms). - Define container hardening standards and remediate legacy GCP environments. - Conduct threat modeling, security assessments, and develop incident response playbooks. - Document security architectures, control procedures, and automation workflows. - Serve as a subject‑matter expert, performing code reviews and guiding secure cloud adoption. Required Skills: - Cloud security expertise in AWS (primary) and GCP. - Advanced programming in Python and Go; familiarity with Ruby optional. - Proficiency with Terraform for IaC and policy enforcement. - Experience designing authorization frameworks, JIT access, and policy‑as‑code solutions. - Knowledge of WAF, container hardening, secure toolchains, and supply‑chain risk mitigation. - Strong communication for cross‑team collaboration and change management. Required Education & Certifications: - Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field. - Minimum 5 years’ experience in cloud security engineering, including software development and IaC implementation.