TripleBlind is seeking a highly skilled candidate who possesses extensive expertise in cybersecurity. To succeed in this role, you must be a cybersecurity expert with experience developing and implementing cybersecurity strategies, programs, capability models, and security frameworks in a product-driven organization and ensuring the maintenance of these is conducted timely. You should be able to confidently demonstrate your skills in product operations security, cloud (AWS, GCP, and Azure) security, and Red Team activities. In addition, you should be well versed in the compliancerequirements within the healthcare and financial services industry and feel comfortable discussing security compliance with our customers’ security teams. 

What you will do as a Cybersecurity Architect at TripleBlind:

• Work with cross functional teams including Applied Research, Product Management, Engineering and Compliance to establish our cybersecurity framework, strategy, controls, and plans. 
• Conduct Red Team activities against Business and Production systems, providing recommendations for improvements, and working through internal teams to ensure necessary improvements are implemented. 
• Develop a Cybersecurity Response Plan incorporating input from IT, Engineering, Legal, Compliance and Cloud Operations teams and ensure that the Plan is tested on a regular schedule. 
• Conduct vendor assessments, to ensure they meet compliance requirements necessary for supply chain security. 
• Oversee external penetration testing engagements, including coordinating operations and engineering and testing remediation of identified vulnerabilities. 
• Assist Compliance in meeting security standards (ISO, SOC2, PCI etc.) 
• Plan, research, and design security architecture for cloud-based IT systems (AWS/GCP/Azure) and on-prem. 
• Conduct product design & architecture reviews with product managers and engineering teams. 
• Determine security protocols by evaluating business strategies and requirements. 
• Work with Compliance on testing and maintaining the Incident Management Program, while responding to and investigating security incidents providing thorough post-event analyses. 
• Review system security measures and implement necessary enhancements. 
• Work with Engineering and Cloud Operations teams to develop practices for monitoring and reporting on cybersecurity controls. 
• Maintain current, up-to-date knowledge of best practices through emerging security practices and standards, participating in educational opportunities, reading professional publications, and participating in professional organizations. 

• Have a bachelor level degree or higher in computer science, IT, or related security field 
• Industry certifications such as CISSP, GIAC ,Certified SOC Analyst, or similar are a plus. 
• Have knowledge and skills typically associated with 5 years of progressive experience in security risk management and information security. 
• Have a strong working knowledge of cybersecurity, IT risks and OS security concerns (Windows, MacOS and Linux). 
• Have an advanced understanding of security protocols, cryptography, and security (AES, encryption keys, certificates) 
• Strong understanding of compliance with security standards (SOC, ISO, PCI-DSS, Fed-RAMP, NIST, CIS etc.) 
• Knowledge of design patterns for storing sensitive PII Data. 
• Are an expert in SIEM, IDS/IPS, Firewalls, VPNs and endpoint protection tooling.
• Good understanding of AWS, GCP, and Azure security. Certifications preferred. 
• Knowledge and applied use of coding/scripting in Python, Bash, or similar. 
• Are organized, have a high attention to detail, and are good at prioritizing and juggling multiple work streams. 
• Have excellent communication skills (written and verbal) that are modified to meet the needs, level of expertise and sophistication of the audience. 
• Take initiative and have the ability to drive projects to successful completion. 
• Are self-directed and self-motivated, always looking for new ways to contribute to the success of the team. 
• Are a team player that is as dedicated to the team effort as you are to your own success. 

What is TripleBlind 

TripleBlind has created the most complete and scalable solution for privacy enhancing computation. 

The TripleBlind solution is software-only and delivered via a simple API. It solves for a broad range of use cases, with current focus on healthcare and financial services. The company is backed by Accenture, General Catalyst and The Mayo Clinic. 

TripleBlind’s innovations build on well understood principles, such as federated learning and multi-party compute. Our innovations radically improve the practical use of privacy preserving technology, by adding true scalability and faster processing, with support for all data and algorithm types. TripleBlind natively supports major cloud platforms, including availability for download and purchase via cloud marketplaces. TripleBlind unlocks the intellectual property value of data, while preserving privacy and ensuring compliance with HIPAA and GDPR.

We are a remote-first business. If you are local to the Kansas City area, you are welcome to work out of our office on The Plaza. Otherwise, we're open to all US-based remote candidates. 

When Applying …

Please include a cover letter along with your resume. 

TripleBlind provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression. or any other characteristics protected by federal, state, or local laws.

This policy applies to all terms and conditions of employment including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.