AppSec Jobs
← Back to all jobs

Included Health

Senior Security Operations Engineer

United StatesWebsite

Full details on LinkedIn

The complete job description, requirements, and application details are available on the original posting.

About Included Health

Included Health is a healthcare company that offers integrated, personalized care combining virtual and in-person services. Founded by CEO Owen Tripp, the company focuses on improving the healthcare experience by enhancing access, reducing fragmentation, and lowering costs across the U.S., excluding Hawaii. The company provides a comprehensive care delivery model that includes primary care, behavioral health, specialty care, and healthcare navigation. Included Health serves millions of people by partnering with employers and health plans to deliver high-quality care tailored to individual needs. Their services include personalized care guidance, access to board-certified doctors and specialists, immediate mental health support, and culturally competent care aimed at underserved communities. Additionally, they utilize AI-powered tools to help members navigate the healthcare system effectively.

Industry

hospital & health care

Employees

2,000

168 engineers

Revenue

$345M

Website

Visit →

Security at Included Health

Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.

3 Intel Signals

Security Philosophy

  • The company emphasizes keeping stakeholder data safe and secure, runs a bug bounty program, and has migrated to OpenID Connect SSO.
  • Evidence shows focus on developer-facing automation and CI/CD integration.

Security Team

At least some security roles, specifically cloud security roles, report to the Chief Information Security Officer.

Key Initiatives

Initiatives include embedding security into the SDLC (shift-left), implementing and tuning SAST/DAST/SCA/secrets scanning in CI/CD, building automation using Python, Go, Terraform, and Tines, and preventing unauthorized PHI access and exfiltration. Information on Security Champions programs and vulnerability management SLAs/MTTR is not publicly available.

Preparing for an AppSec interview?

Get the weekly briefing 2,000+ security pros trust.