Remote Cyber Security Engineer, Application Security
TherapyNotes
$90k-$130k
Remote - United States
Please let TherapyNotes know you found this job on JobsCollider. Thanks!
Job highlights
Summary
Join us and let's revolutionize behavioral health software together while making a real difference! We're seeking an experienced and passionate application-security-focused Cyber Security Engineer to join our team of technology enthusiasts.
Requirements
- Bachelor's degree in information security, information technology, computer science, or related field preferred
- 5+ years of experience in application security or related role
- Strong understanding of healthcare regulations (HIPAA, HITECH, HITRUST) and their impact on application security
- Experience working in healthcare or other highly regulated industries is preferred
- Experience with API security, especially for integrations with other healthcare systems
- Familiarity with HL7 or other healthcare data standards is preferred
- Familiarity with the unique threat landscape of the healthcare industry, including ransomware and PHI-targeted attacks
- Demonstrated experience integrating security in CI/CD pipelines in a SaaS environment
- Understanding of secure coding practices for applications that process sensitive data
- Industry certifications such as CISSP, SSCP or Healthcare-specific security certifications (e.g., HCISPP) are ideal
- Prior experience securing cloud environments (Azure, AWS)
- Proven ability to conduct security assessments, vulnerability management, and incident response
- Strong understanding of OS platforms (Windows, Linux) and endpoint security
- Deep understanding and experience in managing and securing cloud infrastructure and cloud-based applications
- Expert in the latest security principles, techniques, and standards
- Proficiency in various security systems: intrusion detection systems, anti-virus software, identity management systems, log management, content filtering, etc.
Responsibilities
- Hands-on management of all security solutions across the organization: SIEM, DLP, E/XDR, vulnerability management, security awareness
- Monitor security alerts, respond to incidents, and manage escalations
- Participate in Incident Response on-call rotation
- Conduct threat analysis, vulnerability assessments, and risk evaluations
- Manage and secure identities in Microsoft Entra ID through Conditional Access and Entitlement Management
- Develop and implement strategies for Data Loss Prevention and identify gaps in DLP coverage
- Stay informed about the latest cyber threats, attack methodologies, and vulnerabilities to ensure TherapyNotes remains resilient against evolving risks
- Conduct periodic system and network configuration reviews to ensure compliance with security standards
- Identify and document cyber risks and manage mitigation, follow up on open security risks, and report issues to leadership
- Align Zero Trust principles with organizational security goals to ensure secure access to corporate resources, both on-premises and in the cloud
- Participate in audits and assessments, supporting governance, risk management, and compliance (GRC) efforts
- Collaborate with development teams to ensure security is continuously integrated into the Software Development Lifecycle (SDLC) and CI/CD pipeline
- Enforce secure coding standards and best practices to minimize vulnerabilities and to protect the confidentiality, integrity, and availability of our customers' data
- Perform in-depth security assessments, code reviews, and threat modeling on applications to identify potential vulnerabilities and risks
- Ensure application security measures align with healthcare regulations and standards (e.g., HIPAA, HITRUST, and HITECH) and support regular audits
- Collaborate with developers to remediate vulnerabilities, providing actionable guidance and ensuring effective patching or mitigation measures
- Develop, deploy, and manage security tools and technologies (e.g., SAST, DAST, vulnerability management systems) to automate security testing and scanning processes
- Support application security incident response activities, identifying the root cause of security incidents and contributing to resolution strategies
- Contribute to security awareness programs for the development teams, focusing on secure coding practices and proactive security measures
Benefits
- Competitive salary - $90,000-$130,000
- Employer sponsored health, dental, vision, life, and disability insurance
- Retirement plan with company contribution
- Annual company profit sharing
- Personal development/training budget
- Open, collaborative work environment
- Extensive 2-week onboarding plan
- Comprehensive mentorship program