Loop Health - Security Engineer

About Us :

Were a fast-growing fintech company transforming how people access insurance and healthcare services. With a team of 50+ engineers split across multiple product-focused squads, as we scale, were investing in our security infrastructure to support our growth while remaining compliant and secure.

Role Overview :

Were looking for a Security Engineer with 5-6 years of hands-on experience in information security, cloud security, and IT operations. Youll be at the intersection of compliance, infrastructure security, and user lifecycle management, helping us build a robust and scalable security posture.

Key Responsibilities :

InfoSec & Cloud Security

- Implement and manage SSO, IAM policies, and role-based access control across cloud platforms.

- Monitor and analyze firewall, VPN, and data access logs.

- Script automation for repetitive security and compliance tasks (e.g., log aggregation, user audits).

- Define and enforce security controls for cloud environments (preferably GCP).

- Set up and manage security alerts, audits, and incident responses.

IT Security & Compliance :

- Support GDPR and internal compliance processes.

- Design and operate logging, auditing, and reporting tools for :

- Firewall access

- VPN usage

- Data access across internal systems

- Work with teams to ensure audit trails and retention are in place and reviewable.

- Assist in security assessments, policy creation, and periodic compliance audits.

IT Operations :

Own the user lifecycle from onboarding to offboarding :

- Automating access control workflows and documentation.

- Collaborate with HR and engineering to ensure timely and compliant access changes.

- Support internal IT requests with a security-first mindset.

What Were Looking For :

Must-Have Skills :

- 5-6 years of security experience (InfoSec, ITSec, or CloudSec).

- Proficiency with scripting (Python, Bash, or equivalent).

- Understanding of IAM, SSO integrations (Google Workspace, Okta, or similar).

- Familiarity with cloud environments (GCP preferred; AWS/Azure also welcome).

- Hands-on experience with compliance, auditing, and log management.

- Strong problem-solving and communication skills.

Bonus :

- Experience with tools like OSSEC, Wazuh, CrowdStrike, ELK stack, Cloud Audit Logs.

- Understanding of ISO 27001, SOC2, or HIPAA.

- Prior experience in a fintech, healthtech, or regulated environment.

Why Join Us?

- Work in a fast-growing fintech with real-world impact.

- Be part of a small, high-trust team where your work directly shapes the security posture of the company.

- Opportunity to own and scale security and compliance frameworks from the ground up.

- Competitive compensation, wellness benefits, and flexible work policies.