Nuna is a health-technology startup headquartered in San Francisco, California. We partner with organizations to make a positive impact through data-driven healthcare projects.
Nuna is the Korean word for big sister. Founder and CEO Jini Kim is ‘nuna’ to her brother Kimong, who was diagnosed with severe autism at two years old and grand mal epilepsy at eight. Faced with the possibility of debilitating medical debt, at age 9 Jini helped her immigrant parents navigate the convoluted American healthcare system and managed to register Kimong for Medicaid.
Repairing American healthcare became Jini’s life work. Nuna was founded on the belief that connecting healthcare payers, providers, and patients with insights derived from data is a critical foundation for healing this ailing system.
In 2013, Jini was enlisted by the White House to save the embattled rollout of healthcare.gov. In 2014, Nuna began work on the first standardized data platform for Medicaid, which stores the data of over 73 million poor, disabled, and children across the United States. Over this time, Nuna also began working with large, self-insured employers and health plans to improve quality of care for their populations. In two rounds of funding with Kleiner Perkins Caufield Byers, John Doerr, and others, Nuna has raised over $90 million dollars.
Today, Nuna has grown to over 120 engineers, data scientists, designers, and experts in economics, health policy, privacy, security, and corporate operations. We are united in our dedication to a brighter future for American healthcare.
Security, privacy, and compliance working together are fundamental aspects of Nuna’s culture, products, business model, and our analysis. Our mission is to foster trust within the industry and our customers through perceived credibility across our three team disciplines, demonstrated reliability of responsibly protecting Nuna’s assets, and assumed good intent in the business practices carried out by Nuna. Within Trust, the Security team is responsible for protecting the confidentiality, integrity, and availability of all healthcare data, client information, intellectual property, and employee data that has been entrusted to our organization. To stay ahead of a constantly evolving threat landscape our team operates by building and maintaining automated solutions, fostering a security aware culture across teams, and constantly challenging assumptions. We thrive on our ability to participate and give back to the healthcare industry and security community through leadership, code, and research.
San Francisco, CA.
- Be a senior technical contributor of the application security team that is responsible for driving hardening efforts of Nuna products and internal tools.
- Work with engineering and product stakeholders to build threat models and design controls to ensure that healthcare data - of nation-scale populations - is always protected.
- Assist with vulnerability management and remediation efforts as needed.
- Evangelize and educate teams throughout the company to ensure the highest-quality security practices, working to build a friendly and collaborative working environment.
- Build and drive adoption of application security best practices and architecture changes across the engineering organization.
- Drive the design and development of security capabilities such as static analysis, threat modeling, security requirements enforcement, and security linting as part of a CI/CD development process.
Skills and responsibilities
Nuna is a mission-driven organization working to change the healthcare industry, we are looking for individuals who believe in our mission and are willing to work alongside us. To fulfill this role successfully, applicants should be motivated, willing to work and learn in a fast paced startup environment, and possess the following qualifications.
- Strong communication skills and demonstrated empathy when working in challenging environment with competing priorities
- 5+ years of experience in this or a closely related field
- Fundamental knowledge of computer science & software engineering technologies, and the ability to apply that knowledge
- Hands on experience working with Unix/Linux configuration and hardening
- Demonstrated capability in static analysis (automated and manual), with experience customizing and tuning rules, developing custom checks, and integrating processes into continuous integration build environments
- Expertise with authentication and authorization technologies such as Active Directory and SSO/SAML
- Capable of analyzing system requirements, generating and managing security requirements
- Ability to travel if needed
- [Bonus] Experience teaching and mentoring engineering staff on topics pertaining to application security
- [Bonus] Strong knowledge of Unix/Linux
- [Bonus] Experience creating and analyzing system-level threat models
- [Bonus] Experience with healthcare privacy requirements
- [Bonus] Willingness to conduct research, write white papers, and present technical content at local events and conferences on behalf of the Nuna Security team
Technologies Used At Nuna:
- AWS; including EC2, EBS, RedShift, EMR, ELB, SNS, RDS and more
- Linux & Windows
- Salary: , Our package is comprised of a base salary and equity