ProviderTrust empowers a safer, smarter healthcare for patients, providers, and payors. Based in Nashville, Tennessee since our launch in 2010, we create powerful solutions to solve complex problems to make healthcare data meaningful and actionable. Our mission is to create a safer healthcare for everyone.
We partner with HR, Compliance, and Provider Operations teams to monitor healthcare populations to identify license, credential, compliance, and payment eligibility issues before they impact patients. We monitor employees, vendors, provider networks, licenses, credentials and more for OIG and state Medicaid exclusions, sanctions or disciplinary actions, license expirations or suspensions and more, continuously verifying everything at the primary source.
Our solutions combine an intuitive user experience with advanced data matching algorithms and seamless integrations to continuously identify and verify compliance issues in the optimal workflow, such as an HRIS or claims processing system.
We are seeking a highly motivated and talented Security Engineer to evolve and refine the infrastructure solutions we have in place as well as tackle the ones we have yet to see. If open ports keep you up at night, this position may be for you!
- BS or MS degree in engineering, computer science, or related field
- 3+ years of direct experience with the technologies and duties of this position.
- Experience working in a SaaS and healthcare context
- Professional experience with AWS CloudFormation Templates
- Professional experience with git
- Professional experience with monitoring tools (eg: Nagios, Cloudwatch, Prometheus)
- A passion for learning and keeping up to date with the latest tools and technologies
- A strong work ethic and attention to detail
- Able to work on-site at our Nashville location as a salaried full-time employee.
- Demonstrated ability to identify risks associated with business processes, operations, information security programs, and technology projects
- The ability to be the enterprise security subject matter expert who can explain technical topics to those without a technical background
- Strong critical thinking and analytical skills
- Strong project management and team-building skills, including the ability to drive projects and initiatives across functions
- Knowledgeable about Penetration Testing techniques
- Strong understanding of Web Application vulnerabilities (OWASP) and attacks.
- Ability to translate traditional information security best practices and defense-in-depth approaches to virtualized/cloud-based environments.
- Designing and maintaining secure Linux web servers
- Designing secure Docker containers according to best practices
- Container orchestration technologies like Kubernetes, ECS, etc.
- Automated configuration management tools (eg: Puppet, Ansible)
- Continuous integration and continuous deployment tools (Jenkins)
- Maintaining relational database systems (PostgreSQL)
- Java, Tomcat, or Apache Web Server
- Windows server
- The building or managing of a microservice architecture a plus
- Healthcare security background preferred
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- Certified Information Systems Auditor (CISA)
- Certified in Risk and Information Systems Control
- Certified Ethical Hacker
- Global Information Assurance Certification
- AWS certifications
Duties and Responsibilities
- Evaluate and refine existing web server, cloud infrastructure, and application security/availability
- Serve as a subject matter expert for AWS, infrastructure, and systems security/availability
- Serve as the point person for security questionnaires related to IT/infrastructure
- Assist the development team in the design and implementation of new infrastructure solutions with a focus on security, recoverability, and scalability
- Evaluate and refine existing compliance (eg: SOC, HIPAA) controls
- Develop and enforce control mechanisms and evolve them regularly as business or regulatory needs evolve including meeting SOC2 and HIPAA requirements, scheduling and managing audits, maintaining and updating company risk assessment and security policies
- Communicate requirements to all stakeholders including employee training and building a pro-active security culture and representing ProviderTrust’s security program and practices to clients and regulators
- Detect and prevent potential threats and manage the response including maintaining an incident response plan and scheduling and overseeing penetration testing
- Maintain and enhance role-based application access
- Ensure security controls for network architecture and development process as well as for local hardware, network, and environment
What It’s Like To Work Here
We take immense pride in cultivating a strong, person-first culture always looking for ways to be intentionally uncommon. Our team is made up of talented, creative, kind, funny, and energetic folks wired for continuous and ongoing improvement. To be great at ProviderTrust, we find our team members have these things in common:
- Gain energy from working in a fast-paced, creative environment
- Decision making that employs a blend of data-driven insights and intuition
- Ability to multitask and handle multiple projects concurrently
- Resilience and positivity, able to address setbacks and bounce back quickly
- Resourcefulness, discovering creative ways to get things done
- Joy in making an immediate and positive impact
- Diverse interests that are welcomed and extend beyond our organization
Things That Make Us A Great Place To Work
- Competitive base salary and incentive package
- 401k with employer match
- HSA with employer contribution
- Stock option program
- Excellent medical and dental benefits, disability and life insurance
- Unlimited PTO (yes, really – we’ll talk about how it works)
- Growth! Lots of new people, new talent, and new opportunities for our team
- A stocked kitchen and wellness meal plan
- Ergonomic desk setup and open workspaces
- Lots of celebrations! Events, happy hours, and more
- Dog-friendly – WOOF!
- Voted one of the Best Places to Work by the Nashville Business Journal (2015 – 2019)
- Inc. 5000 list of the fastest-growing private firms in the U.S. (2016-2019)