Zus Health
Information Security and Compliance Co-op
Zus Health, Boston, Massachusetts, us, 02298
Who we areZus is a shared health data platform designed to accelerate healthcare data interoperability by providing easy-to-use patient data via API, embedded components, and direct EHR integrations. Founded in 2021 by Jonathan Bush, co-founder and former CEO of athenahealth, Zus partners with HIEs and other data networks to aggregate patient clinical history and then translates that history into user-friendly information at the point of care. Zus's mission is to catalyze healthcare's greatest inventors by maximizing the value of patient insights - so that they can build up, not around.What we’re looking forSecurity is central to Zus’s mission to bring information speed to health care. As part of our infrastructure and security team, you’ll contribute to development and hardening of our AWS cloud environments, assist product teams with service deployment and security improvements, participate in threat modeling and risk assessment activities, contribute to our SOC2 audit compliance program, along with other many aspects of powering a startup to success.We’re looking for someone comfortable with tackling a diverse set of responsibilities and who can communicate effectively with the rest of the organization.As part of our team, you will
Help with Regulatory Compliance (SOC2), maintaining an auditable security postureTrack KPI around security, and help steer the strategy of how the InfraSec team uses and responds to these signalsImprove CI/CD tools integration/operations, and full automation of CI/testingParticipate in Threat Modeling (STRIDE) sessions, and help document, capture, and prioritize remediation or improvementsCloud security (AWS): help improve security posture by researching and implementing configurations, fixes, or third-party servicesWork with other engineering teams to develop or improve cloud infrastructure, remediate security vulnerabilities or improve logging, monitoring and metric capabilitiesHelp improve our engineering reliability and stability plan, including incident management and SLO monitoringYou're a good fit because you have
A passion for information, infrastructure, or cloud computingExperience with AWS compute and networking resources (ALB, S3, EC2, ECS, etc.)A desire to learn and steward Infrastructure-as-Code (we primarily use Terraform)Experience with continuous deploymentFamiliarity with CI/CD pipeline tools (we primarily use GitHub Actions and Datadog) to achieve repeatable, idempotent, secure and monitored pipelines of code deploymentsGeneral awareness and knowledge of cybersecurity principlesFamiliarity with Linux and the command line and coding: shell/bash, nodeJS, python (not necessary these languages, but the willingness to learn languages/frameworks to accomplish guided tasking)A self-starter attitude that shows that you are ready for the fast, and sometimes unstructured, nature of an early stage startup, and can get things done independentlyAn effective communicator, and the willingness to level up in technical writing and communication (intra-team, customer, vendor, and leadership)$25 - $28 an hour
This person will need to be in Boston at least 2 days per week. This co-op will run from early January to late June. This person will report to our Manager, InfoSec and Compliance.We will offer you...• Competitive compensation that reflects the value you bring to the team• Opportunity to work alongside a passionate team that is determined to help change the world (and have fun doing it).
#J-18808-Ljbffr
Help with Regulatory Compliance (SOC2), maintaining an auditable security postureTrack KPI around security, and help steer the strategy of how the InfraSec team uses and responds to these signalsImprove CI/CD tools integration/operations, and full automation of CI/testingParticipate in Threat Modeling (STRIDE) sessions, and help document, capture, and prioritize remediation or improvementsCloud security (AWS): help improve security posture by researching and implementing configurations, fixes, or third-party servicesWork with other engineering teams to develop or improve cloud infrastructure, remediate security vulnerabilities or improve logging, monitoring and metric capabilitiesHelp improve our engineering reliability and stability plan, including incident management and SLO monitoringYou're a good fit because you have
A passion for information, infrastructure, or cloud computingExperience with AWS compute and networking resources (ALB, S3, EC2, ECS, etc.)A desire to learn and steward Infrastructure-as-Code (we primarily use Terraform)Experience with continuous deploymentFamiliarity with CI/CD pipeline tools (we primarily use GitHub Actions and Datadog) to achieve repeatable, idempotent, secure and monitored pipelines of code deploymentsGeneral awareness and knowledge of cybersecurity principlesFamiliarity with Linux and the command line and coding: shell/bash, nodeJS, python (not necessary these languages, but the willingness to learn languages/frameworks to accomplish guided tasking)A self-starter attitude that shows that you are ready for the fast, and sometimes unstructured, nature of an early stage startup, and can get things done independentlyAn effective communicator, and the willingness to level up in technical writing and communication (intra-team, customer, vendor, and leadership)$25 - $28 an hour
This person will need to be in Boston at least 2 days per week. This co-op will run from early January to late June. This person will report to our Manager, InfoSec and Compliance.We will offer you...• Competitive compensation that reflects the value you bring to the team• Opportunity to work alongside a passionate team that is determined to help change the world (and have fun doing it).
#J-18808-Ljbffr