Senior Security Engineer

Summary

Join our Engineering Team and help shape the future of healthcare technology! We're revolutionizing mental healthcare with comprehensive provider and patient portals, transitioning to a Service-Oriented Architecture (SOA). You'll play a key role in reshaping our systems, ensuring agility and scalability within our event-driven architecture. You'll work with GraphQL, a Centralized Component Library, and an Authorization Service. This role focuses on enhancing the security of our code and development practices, launching a vulnerability management program. You'll have endless learning opportunities and contribute to improving patient outcomes. Join us in making a difference!

Requirements

• 4+ years of experience as a security engineer (any role)
• Experience with JavaScript, TypeScript, Node.js, and/or Ruby
• Experience with OWASP Top 10 and the application of those to modern systems
• Experience with common SAST and DAST tooling and best practices

Responsibilities

• Enhance the security of our code and development practices
• Launch a vulnerability management program with Engineering and external partners

Preferred Qualifications

• Experience launching and/or managing a bug bounty program
• A functional understanding of HIPAA requirements and how they apply to application security practices
• Experience with Web Application Firewall (WAF) tuning and alerting
• Familiarity with JS front-end libraries, preferably React
• Experience interfacing with 3rd party pentesters to validate findings and develop remediation plans

Benefits

• 100% remote work environment: Working hours to support a healthy work-life balance, ensuring you can meet both professional and personal commitments
• Attractive pay and benefits : Full transparency of pay ranges regardless of where you live in the United States
• Comprehensive health benefits : Medical, dental, vision, life, disability, and FSA/HSA
• 401(k) plan access : Start saving for your future
• Generous time-off policies : Including 2 company-wide shutdown weeks each year for self-care (for most employees)
• Paid parental leave : Available for all parents, including birthing, non-birthing, adopting, and fostering
• Employee Assistance Program (EAP) : Support for your mental and physical health
• New hire home office stipend : Set up your workspace for success
• Quarterly department stipend : Fund team-building activities or in-person gatherings
• Wellness events and lunch & learns : Explore a variety of engaging topics
• Community and employee resource groups : Participate in groups that celebrate employee identity and lived experiences, fostering a sense of community and belonging for all
• Discounted programs : Fetch, SmartSpend, Ladder, SoFi