Security Engineer Job at Stedi, Indiana

TVBJbm00YzVoeWJKT3FDVUVLMG9IWFh1c0E9PQ==
  • Stedi
  • Indiana

Job Description

We're building a new healthcare clearinghouse

In the healthcare sector, the Health Insurance Portability and Accountability Act of 1996 (HIPAA) requires that all insurance payers exchange transactions such as claims, eligibility checks, prior authorizations, and remittances using a standardized EDI format called X12 HIPAA. A small group of legacy clearinghouses process the majority of these transactions, offering consolidated connectivity to carriers and providers.

Stedi is building the world’s only API-first clearinghouse. By offering modern API interfaces alongside traditional real-time and batch EDI processes, we enable both healthcare technology businesses and established players to exchange mission-critical transactions.

Stedi has lightning in a bottle: engineers and designers shipping products week in and week out; a lean business team supporting the company’s infrastructure; passion for automation and eliminating toil; $92 million in funding from top investors like Stripe, Addition, USV, Bloomberg Beta, First Round Capital, and more.

What we’re looking for 

We are seeking an experienced Security Engineer to join our Platform Team. This team is at the core of our infrastructure, responsible for managing multiple AWS Organizations and providing the foundational tools and services that enable our engineering teams to build reliable, secure, and compliant applications.

The Platform Team’s responsibilities span a wide range of areas, including:

  • The infrastructure AWS our engineering teams rely on.

  • Authentication services for our customers.

  • Management of our GitHub organization and IT operations.

  • Supporting compliance efforts to ensure alignment with industry standards (SOC, HIPAA, HITRUST).

As a Security Engineer, you will play an active role in how we set up our AWS infrastructure, software development lifecycle, and endpoint security. Your contributions will help ensure our engineering teams build applications in a way where it is easy to demonstrate alignment with regulatory and compliance requirements.

How we build

  • We use AWS exclusively for our backend infrastructure that processes customer data. We use tools like GitHub, Stripe, Vanta, and PagerDuty, but all of our application work happens on AWS. 

  • We use serverless technologies almost exclusively: Lambda, API Gateway, SQS, SNS, DynamoDB, Aurora Serverless, and more. We don’t run a single server on prem or in the cloud.

  • We use CDK (TypeScript) to define infrastructure as code.

  • We have a strong preference for using AWS products over 3rd party solutions. This simplifies vendor management and compliance, and ensures we can benefit from the integration capabilities and innovations that AWS provides us with now and in the future.

What you'll do

  • Develop playbooks and address security-related tasks in our AWS serverless environments.

  • Drive improvements in our broader ‘IT’ footprint, including endpoint security, access management / just-in-time access, email and web gateways, browser security, and data loss prevention. 

  • Collaborate with product engineering teams to raise the bar for security, supporting CI/CD pipelines, dependency management, and secure application design reviews.

  • Help secure and improve our AWS organization using infrastructure as code (CDK) , enforcing security controls, and ensuring strong tenant isolation.

  • Continuously assess vulnerabilities and perform regular risk assessments.

  • Manage Vanta workflows and automate tasks to maintain SOC and HIPAA compliance.

Who you are 

  • 6+ years of experience in engineering working as a security engineer or in security-adjacent roles  

  • Familiarly with compliance frameworks such as SOC, HIPAA, and/or HITRUST

  • 4+ years working with AWS services, including compliance and governance services like AWS Organizations, AWS CloudTrail, AWS Config, Security Hub, and GuardDuty.

  • Proficiency in TypeScript.

  • Ability to prioritize your work based on the needs of the business and the customers

  • High bandwidth; thoughtful attention to many areas simultaneously

  • Ability to context switch throughout the course of the day or week as priorities shift

  • Philosophical alignment with the Stedi Standards and the Unwritten laws of engineering .

At Stedi, we're looking for people who are deeply curious and aligned to our ways of working. You're encouraged to apply even if your experience doesn't perfectly match the job description.

Job Tags

Remote job, Shift work,

Similar Jobs

Focused Staffing

School Psychologist Job at Focused Staffing

 ...Focused Staffing Group is looking for a School Psychologist in Wilmington, DE COMPENSATION: Pays up to $87 per hour JOB TYPE: Full-Time and Part-Time opportunities available We are seeking a dedicated and passionate School Psychologist to join our team.... 

PPS-HPS

Quality, Environmental, Health, and Safety Manager Job at PPS-HPS

 ...The Quality Safety Manager is responsible for developing, implementing, and overseeing quality, environmental, health, and safety programs to ensure compliance with industry regulations, company standards, and legal requirements. This role includes establishing and... 

University of Minnesota Twin Cities

Facilities Coordinator | University of Minnesota Twin Cities Job at University of Minnesota Twin Cities

 ...Facilities Coordinator Hours Per Week: 40 Weekly Schedule: Wednesday 1:30-10:00 pm,...  ...Assist with coordination of Facilities Management work requests to ensure proper and timely...  ...About University of Minnesota Twin Cities The University of Minnesota, founded... 

The Excalibur Group

Court Reporter Job at The Excalibur Group

 ...The Excalibur Group is currently seeking a Court Reporter in Washington, DC to support a Federal contract. **Must be able to pass a security screening. SUMMARY As a trained Court Reporter, you will use specialized equipment for creating and maintaining accurate... 

NAVEX ASIA LTD

Senior Trader Job at NAVEX ASIA LTD

Tasks:-Prospect customers in South America and Middle East, offering our commodities and logistics solutions, develop new sales-Manage sales and advise top level buyers-Build development strategies per product line-Follow and supervise trading deals and back office ...