Lead Security Engineer

Posted 2.15.24
Location
Remote
We are redefining how people approach their health
ZOE is combining scientific research at a scale never before imagined and cutting-edge AI to improve the health of millions.  
Created by the world’s top scientists, our personalised nutrition program is reimagining a fundamental human need – eating well for your own body. Currently available in the US and the UK, ZOE is already helping > 100k ZOE members to adopt healthier habits and live better. Our work and expertise in biology, engineering, data science, and nutrition science have led to multiple breakthrough papers in leading scientific journals such as Nature Medicine, Science, The Lancet, and more.
To learn more, head to Spotify, Apple Podcasts, or Audible to listen to our Science & Nutrition Podcast (with 3 million listens!) 
A remote-first, high-growth startup, we are backed by founders, investors, and entrepreneurs who have built multi-billion dollar technology companies. We are always looking for innovative thinkers and builders to join our team on a thrilling mission to tackle epic health problems. Together, we can improve human health and touch millions of lives. 
We value inclusivity, transparency, ownership, open-mindedness and diversity. We are passionate about delivering great results and learning in the open. We want our teams to have the freedom to make long-term, high-impact decisions, and the well-being of our teammates and the people around us is a top priority.
Check out what life is like for our tech team on ZOE Tech.
About the team:
At ZOE, cybersecurity forms the backbone of our operations. We firmly believe that secure systems aren’t crafted merely by stringent rules but through a harmonious integration of security into every facet of our technological culture. This understanding plays a vital role in how we construct our Platform team; a squad predominantly focused on enabling teams to ship software at their best, ensuring security is at the heart of what we do.
Our vision lies in building an environment where security is fostered organically, protecting our customers’ health and personal data. This importance assigned to security extends to the Security Engineering function, aimed at enabling effortless operations of secure products within a cloud setup, and ensuring restricted access to customer data is maintained.
Our Platform team’s mission centers around accelerating the journey of our ZOEntists to production, and security is not an exception. We empower our teams to move rapidly yet securely, delivering the building blocks they require to focus their efforts on resolving business challenges.
About the role:
We are looking for our first dedicated Security Engineer, with experience in areas of application security, cloud-native services and DevSecOps. You will be responsible for developing and implementing a pragmatic security roadmap, prioritising and executing the most impactful technical investments to protect our customers’ data. You will implement frameworks, policies and controls that make us secure by default without slowing down engineering productivity. 
You will work across the stack and with a large number of stakeholders. You will need to develop a great understanding of the business and show adaptability. Your work will span cloud infrastructure, identity and access management, permission management, data storage and processing, threat monitoring and detection, incident response, supply chain management, vulnerability management, secure coding practices, disaster recovery… This is a unique opportunity for a security generalist to take the next step in their career!
You will be…
  • Developing a security roadmap and leading technical investments to protect our assets.
  • Rolling up your sleeves and implementing the roadmap. This is a very hands-on role (Stack: Okta, GCP, GKE, BigQuery, Terraform, Github Enterprise, ArgoCD, Python, Kotlin, …).
  • Designing and ensuring cloud security, auditing or the principle of least privilege.
  • Assessing third-party SaaS providers and supporting engineering teams when integrating with them.
  • Building secure software and establishing secure coding practices together with Software Engineers and Data Scientists
  • Performing regular risk assessments.
  • Detecting, monitoring and managing security incidents.
We think you’ll be a great fit if you…
  • Have experience as a full-stack Security Engineer.
  • Enjoy being hands-on. Automating and writing code will be part of your role Tterraform, Python, Kotlin or similar).
  • Have experience in securing cloud platforms such as GCP, AWS or Azure.
  • Have a clear growth mindset and are someone who enjoys staying up to date with the latest security trends. 
  • Have experience working cross-functional and understand the business context.
  • Are familiar with security frameworks, risk management, and incident response methodologies.
The future of health and fitness, all in one newsletter.
Sign up to get the latest industry trends, news, and tech delivered straight to your inbox.

    No thanks.