Staff Security Engineer
Gradient AIJob Summary
Gradient AI is seeking a Staff Security Engineer to manage their overall security posture. The ideal candidate will have broad knowledge of the security landscape and be able to leverage that knowledge into actionable controls and metrics to make the organization more secure. Responsibilities include leading risk assessments, cloud security, and implementing security best practices. The role requires 5+ years of experience as a System Security Engineer or Information Security Engineer, with hands-on experience in security systems within AWS. Gradient AI offers a fun team-oriented culture, generous stock options, unlimited vacation days, flexible schedule, full benefits package, and opportunities to learn and take on new responsibilities.
'This is a fully remote opportunity' or 'this is a hybrid position based out of our Boston Office'.
Gradient AI:
Gradient AI is a leading provider of AI solutions for the Group Health and P&C insurance industries. Our solutions improve loss ratios and profitability by predicting underwriting and claim risks with greater accuracy, as well as reducing quote turnaround times and claim expenses through intelligent automation. Gradient AI’s SaaS platform leverages a vast industry data lake comprising tens of millions of policies and claims, providing insurers with high resolution, data-driven insights. Customers include some of the most recognized insurance carriers, MGAs, MGUs, TPAs, risk pools, PEOs, and large self-insured employers across all major lines of insurance. Founded in 2018, Gradient has experienced strong growth every year, and recently raised $56 million in Series C funding from top Insurtech investors.
About the Role:
We are in search of a Staff Security Engineer to manage our overall security posture. You will have a broad knowledge of the security landscape and be able to leverage that knowledge into actionable controls and metrics to make us more secure overall.
How you will make an impact:
Risk/Compliance
Lead the evaluation for HITRUST certification and SOC2 report
Perform risk assessments
Cloud Security
Assess and improve network & data security
Cloud Posture Management
Implement and automate cloud configuration management to ensure security best practices, compliance, and continuous risk mitigation
Security Operations
Drive enterprise security initiatives that enhance the organization’s resilience against cyber threats
Manage and optimize our Security Information and Event Management (SIEM) system to ensure accurate threat detection and effective response
Develop and fine-tune detection rules to identify and mitigate security threats in real time
Conduct assessments, penetration tests, and vulnerability scans to identify and remediate security gaps
Ensure timely patching of systems and applications to reduce exposure to known exploits
Deploy and manage endpoint detection response (EDR) solutions to monitor, detect, and respond to endpoint threats
Manage user authentication, permissions, and identity security to protect access to critical systems
Implement and enforce mobile device management (MDM) security policies to safeguard corporate endpoints
Skills needed to succeed:
5+ years of experience as System Security Engineer or Information Security Engineer
Experience managing security audits for SOC2 or HITRUST
Experience in building and maintaining security systems
Security Information Event Management (SIEM) solutions
Hands on experience in security systems within AWS
Nice to haves:
Familiarity with securing PHI and PII
Experience with Data Loss Prevention (DLP)
Security related Certifications
What We Offer:
A fun, team-oriented startup culture.
Generous stock options - we all get to own a piece of what we’re building.
Unlimited vacation days.
Flexible schedule that supports working from home.
Full benefits package includes medical, dental, vision, 401k, paid paternal leave, and more.
Ample opportunities to learn and take on new responsibilities.
We are an equal opportunity employer.
