Who ❤️ PJ →

Full Search

This job listing has expired and may no longer be relevant!
1 Jun 2021

Full-Time Application Security Engineer

Alyssa Noah/ 1upHealth – Posted by AlyssaNoah United States

Job Description

At 1upHealth, we are united by our shared goal – unlock healthcare data to improve patient and financial outcomes.
As a leader in FHIR® interoperability, our core belief is that unleashing the power that lies within health data can improve the way that we operate in our industry. We are on a mission to make it easier to access, aggregate, analyze and share healthcare data. Through our secure FHIR platform, we offer a solution to; break the barriers that hinder innovation and interoperability, meet compliance regulations and leverage the cloud for ubiquitous technology enablement.
With our recent $25 million Series B funding, we are starting our next chapter as the leaders in healthcare data. Check us out in Forbes.
As an application security engineer on the 1upHealth Engineering team, you will help harden our overall security on our architecture and software platform.  The security engineer will be joining our cloud-ops team, working through any security issue that comes up internally or with a customer.  As a HIPAA compliant company, we strive to protect all of our customers’ data in the cloud and are always improving our security and the security culture within the organization.

What You’ll Do:

    • Develop secure code practices and support training to our engineers.
    • Provide support for security testing on our environments.
    • Participate in our incident response and vulnerability remediation efforts.
    • Finding potential gaps in our security architecture and implementing solutions.
    • Evaluate application security tools for internal consumption.
    • Develop new automation and tooling to improve our detection and prevention capabilities.
    • Implement the technology organization’s security and privacy initiatives by participating in design reviews and threat modeling.
    • Work with our engineering teams ensure security issues are fixed in a timely manner.
    • Auditing logs and events to ensure compliance with our SOC2 information security policy.

What You’ll Have:

    • B.S. / M.S. in Computer Science, Electrical Engineering or related experience.
    • Basic knowledge of security concepts based on relevant courses, self-learning or past internships.
    • Familiarity with identifying and protecting against web application and web service security vulnerabilities including those found in the OWASP Top 10 and CWE Top 25.
    • Relevant development experience in some of these languages: Java, JavaScript / NodeJS / TypeScript, Python.
    • Familiarity with the browser security model, cryptography, and network security.
    • Exhibits the characteristics of a continuous learner.
    • Ability to work in an Agile Scrum environment.
    • Team oriented and skilled in working within a collaborative environment.
    • Self-driven, analytical, and results oriented with proven sound judgment.
    • Contributions to the security community such as research, public CVEs, bug-bounty recognitions, open-source projects, and blogs or publications.
    • Familiarity with security tools such as static analysis, runtime analysis, black-box testing, etc.(Burp Suite, OWASP ZAP, Snyk, Metasploit)
    • Prior work experience in an application security role.
    • Experience working with cloud environments and services.
    • Attacker mindset: Passion for breaking all things unbreakable.
    • CISSP or other security certifications
    • Cloud experience
    • HIPAA / GDPR / HITRUST experience
Share this role online (there may be a referral fee*)

How to Apply

Please click this link to apply https://jobs.lever.co/1up-health/23f11141-b7bd-460d-8e97-912e68023b9e

Job Categories: Equal Opportunities. Job Types: Full-Time. Salaries: 100,000 and above.

257 total views, 0 today

Apply for this Job