Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

We all depend on healthcare throughout our lifetimes, for ourselves, and our families and friends, but it is notoriously difficult to navigate and understand. As an industry that comprises 20% of the US economy we think healthcare should work better for all of us. At Collective Health we believe it’s time for a new day in healthcare where as members we are informed and empowered to make the right care choices when the decisions are urgent and critical. 

Driven by our mission to make it easier to understand, navigate, and pay for healthcare, Collective Health is evolving the way health benefits work. If you are passionate about our mission and you are an experienced hands-on product and application security professional who is excited about developing and leading a broad range of functions at a mission-driven, highly-regulated technology company, this role is for you.

You’ll lead initiatives that address the company’s—and some of our industry’s—most sophisticated and meaningful security and architectural challenges. You will build relationships across all parts of the business and drive multi-functional initiatives to continuously improve our security and privacy posture. You will be responsible for building and implementing controls that can scale and optimize as we move into a context-aware security environment. We take the security and privacy of our users’ healthcare information very seriously as our brand promise begins with a strong level of trust.

This role will focus on security architecture, design and engineering subject areas while being able to layout product security maturity, identify program and tool gaps and recommend solutions. Building positive relationships with Engineering, Product, Privacy, Compliance and customer facing teams is a core tenant of the role and the team. You will help in building an enterprise testing and assessment framework by introducing and integrating security tools, processes & responsibilities with the developer ecosystem. 

We are looking for a strong Technical and People leader who wants to build this platform and ensure security and privacy across all of our customer and member experiences.

What you'll be doing:
  • Solve for different vulnerability types and security issues with reusable services and libraries
  • Build and extend scalable, legally compliant systems and services that will securely transmit and store sensitive data including ePHI, PII & confidential information
  • Architect, build and drive implementations of DAST/SAST/SCA/WAF/RASP/IAST solutions in an enterprise environment
  • Create shared patterns for secure services and drive adoption  across the engineering teams
  • Participate in identifying security risks through regular security reviews and driving remediation
  • Lead, support, and mentor engineers in secure development practices and be a security subject matter expert and resource within the broader organization
  • Work with product teams to scope security needs for new and existing products, and to plan and implement security features at the platform level
  • Perform threat modeling and attack simulation exercises both in the context of internal assessments and while assisting 3rd party penetration testing/gray box testing
  • Collaborate with product and engineering to appropriately address security risks while enabling product advancement
  • Support security features in our production environment
  • Define security protocols policies, and procedures with clear owners, and timely responsiveness
  • Translate business requirements across the company to best-in-class experiences
  • Be hands-on with our engineering solutions and drive technical excellence within the team
  • Help recruit, hire and build high-performance teams
What you bring:
  • Significant, relevant experience and passion for building security-focused platforms and customer-facing applications that perform at scale
  • Strong software engineering fundamentals with front-end and back-end applications
  • Experience working with multiple programming languages and switching between frameworks as necessary - Python, Java, Kotlin, Scala, and Go
  • Experience successfully triaging and resolving security bugs and incidents
  • Demonstrated record of implementing security programs and practices at scale 
  • Demonstrated strong communication and interpersonal skills across engineering organizations
  • Experience building identity, authentication, authorization and secrets management systems
  • Experience with successfully leading teams in a results-based environment
Preferred: 
  • Evangelized secure coding practices across organizational boundaries
  • Experienced in threat modeling new and existing applications
  • Knowledgeable in secure development practices and common vulnerabilities
  • Strong experience with architecting and/or operating application security tooling such as DAST/SAST/SCA/WAF/RASP/IAST in an enterprise environment
  • Passionate about creating great developer experiences for security features and services
  • Should have worked extensively with cloud providers such as AWS and Google Cloud Platform
  • Healthcare and HITRUST experience preferred

Founded in 2013, Collective Health has created an ecosystem of innovative partners across care and benefits delivery, as well as built a powerful and flexible infrastructure to better enable employees and their families to understand, navigate, and pay for healthcare. By reducing the administrative lift of delivering health benefits, providing an intuitive member experience, and improving health outcomes, the company guides employees toward healthier lives and companies toward healthier bottom lines. Collective Health is headquartered in San Mateo, CA with locations in Chicago, IL, and Lehi, UT. For more information, please visit collectivehealth.com.

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Collective Health is committed to providing support to candidates who require reasonable accommodation during the interview process. If you need assistance, please contact [email protected]

Please note that Collective Health requires all employees to verify receipt of a COVID-19 vaccination or to apply for an exemption from the vaccination requirement based on medical need, a sincerely held religious belief, or a local legal exemption. Candidates are not required to furnish such a verification or to seek an exemption from the verification requirement during the application process but would be asked to do so if they accept an offer.

Read Full Job Description
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Technology we use

  • Engineering
  • Product
    • GolangLanguages
    • JavaLanguages
    • PythonLanguages
    • ReactLibraries
    • AngularJSFrameworks
    • Node.jsFrameworks
    • SpringFrameworks
    • PostgreSQLDatabases
    • Google AnalyticsAnalytics
    • PiwikAnalytics
    • SketchDesign
    • ConfluenceManagement
    • JIRAManagement

Location

Located right in the heart of River North by the Red, Brown, and Purple CTA lines, with countless nearby restaurants and entertainment options.

An Insider's view of Collective Health

What’s the vibe like in the office?

The vibe here in the Chicago office is one of chill focus. For the most part, you'll hear the tapping of keys and some soft conversation, with the occasional bubbling over of laughter. We like to get our work done here, but we love getting to know one-another. We're always happy to step away for a chat over coffee or a game of foosball.

Marc

Software Engineer

What does your typical day look like?

Daily work as an SRE includes anything that increases the reliability and stability of the Collective Health platform to make sure our customers have the best experience possible. Everything from huge cross-team initiatives like migrating to Kubernetes to really deep dives troubleshooting issues is possible - and I choose projects that interest me!

Katie

Site Reliability Engineer

How does the company support your career growth?

People here really root for each other’s growth professionally and personally, and they show it by working alongside you to help you do more than you thought you could. We make sure there is space to learn as you work and try new things, and when you do well with them, you get concretely recognized for it.

Hannah

Software Engineer

How do you empower your team to be more creative?

We strive to foster a psychologically safe culture in order to feel free to share all our ideas, allowing even crazy whims and hunches to be molded and shaped by in-depth discussion and collaboration until they reach their full potential. No question is a stupid one, and we all have valuable input.

Matt

Software Engineer

What are some social events your company does?

From the vaguely familiar whirlyball to the always-embarrassing karaoke happy hour, we like to keep things fun and not take ourselves too seriously. We’ve even subjected ourselves to a hot sauce eating challenge, just for fun. Our team also has a regular “game night” where we play anything from Settlers of Catan to Mario Kart.

Patrick

Senior Product Manager

What are Collective Health Perks + Benefits

Collective Health Benefits Overview

We pay 100% of employee premiums for medical, dental, and vision plans. We also offer a wellness stipend, flexible time off, help with your commute, life insurance, a retirement plan, and plenty of perks to keep you happy, healthy, and engaged.

Culture
Volunteer in local community
Friends outside of work
Eat lunch together
Daily sync
Team owned deliverables
Team based strategic planning
Group brainstorming sessions
Pair programming
Open office floor plan
Diversity
Documented equal pay policy
Diversity Employee Resource Groups
Hiring Practices that Promote Diversity
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Dental Benefits
Vision Benefits
Health Insurance Benefits
Life Insurance
Wellness Programs
Retirement & Stock Options Benefits
401(K)
Company Equity
Child Care & Parental Leave Benefits
Generous Parental Leave
Flexible Work Schedule
Family Medical Leave
Company sponsored family events
Vacation & Time Off Benefits
Unlimited Vacation Policy
Paid Holidays
Paid Sick Days
Perks & Discounts
Casual Dress
Commuter Benefits
Company Outings
Free Daily Meals
Game Room
Stocked Kitchen
Happy Hours
Relocation Assistance
Fitness Subsidies
Professional Development Benefits
Diversity Program
Lunch and learns
Cross functional training encouraged
Promote from within
Mentorship program
More Jobs at Collective Health26 open jobs
All Jobs
Finance
Data + Analytics
Design + UX
Dev + Engineer
Legal
Marketing
Product
Project Mgmt
Sales
Developer
new
Chicago
Data + Analytics
new
Chicago
Marketing
new
Chicago
Developer
new
Chicago
Data + Analytics
new
Chicago
Sales
new
Chicago
Design + UX
new
Chicago
Developer
new
Chicago
Marketing
new
Chicago
Project Mgmt
new
Chicago
Developer
new
Chicago
Developer
new
Chicago
Design + UX
new
Chicago
Developer
new
Chicago
Product
new
Chicago
Developer
new
Chicago
Developer
new
Chicago
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Save jobView Collective Health's full profileSee more Collective Health jobs