Hims and Hers offers a modern approach to health and wellness. Our mission is to eliminate stigmas and make it easier for people to access care and treatment for the conditions that impact their daily lives. That starts with creating an open and honest culture of care that is accessible for everyone, no matter who you are or where you live. Since launching in November 2017, we’ve raised over $200MM in funding and are one of the fastest growing direct-to-consumer brands in history.
We are looking for a Security Officer to help develop, design and execute our infrastructure and information security program and priorities. This role will collaborate and coordinate with our data, platform, and infrastructure (production and corporate) engineering teams and work closely with our engineers. It will also work cross functionally to design security plans for our overall business and data handling. You will contribute to protecting hims & hers and the people who trust us with their information and safety.
Provide subject matter expertise on infrastructure security
Partner with various teams to improve security and bring standard methodologies to our infrastructure, products, and services
Research, design and develop solutions meeting internal and external security requirements and standards
Design and deploy infrastructure security tools and monitoring
Drive detection, response, investigation, and remediation of infrastructure security vulnerabilities
Consult and advise on infrastructure security architecture, authentication, configurations, policies, and processes
Experience & Skills
9+ years in a lead or principal role in infrastructure or security engineering
Proven leader, mentor or coach to others
Experience with critical cloud-based infrastructure and distributed systems
Enabling engineers to build and use secure infrastructure, products, and services
In-depth technical knowledge of security engineering, computer and network security, authentication, security protocols, applied cryptography, vulnerability management, and forensic investigations
Deep, hands-on expertise in cloud architectures (SaaS, PaaS, IaaS, distributed systems) and approaches to address their unique management and security considerations
Contributions to the security community (open-source, public research, blogging, presentations, etc)
Deep understanding of applying defensive infrastructure automation, advanced threat detection and attack prevention
Worked in a fast-paced, quickly scaling startup environment
We are focused on building a diverse and inclusive workforce. If you’re excited about this role, but do not meet 100% of the qualifications listed above, we encourage you to apply.