Application Security Engineer - Opala Remote Bookmark Share Print 168 0 1

Listing Description

 
Opala is growing and seeking an experienced Application Security Engineer to complement our team. This Engineer will be responsible for reducing risk across Opala, while partnering with engineering and product teams during each point of the software development lifecycle (SDLC). They'll also help drive broader security initiatives across Opala.   
  
A solid understanding of software security, session management, secure code reviews, security requirements analysis, and best development practices will ensure your success in this position.  The role collaborates with a variety of stakeholders (internal customer, external clients and 3rd party vendors). 
 
Opala is a healthcare tech startup, combining patient information to establish a complete, individual healthcare profile. Our end goal is to improve healthcare outcomes and reduce cost, administrative waste, and to enable digital solutions.  
 
If you want to directly impact transforming healthcare through data and technology and have a passion for this space, we'd love to hear from you. In exchange, we’ll also provide great benefits (medical/dental/vision, HSA, 401k, PTO, etc.), competitive salaries, generous stock option plan and opportunities for growth and development. 
 
Our team is based in downtown Seattle, offering amazing views of the Puget Sound, Mt Rainier and the Olympics. We're conveniently located next to major transit lines and a quick walk to Pike Place Market and Seattle Art Museum. Complimentary perks include onsite bike storage, a beautiful gym and fully outfitted game room and more.

Responsibilities
  • Act as a subject matter expert on application security domains involving web, mobile, and desktop platforms   
  • Conduct security consultations on new and existing products, and be able to communicate complicated issues to non-technical audiences  
  • Integrate security guidance into product design and engineering efforts
  • Assist with code reviews to proactively identify potential vulnerabilities, and follow-up with tooling to prevent future vulnerabilities
  • Act as liaison between software development team and security team
  • Help your peer engineers grow their own security reasoning and knowledge


    • Competencies
  • B.S. or M.S. Computer Science or related field, or equivalent experience 
  • Experience in architecting and building application security on modern tech stacks across multiple platforms (web, mobile, desktop)
  • Experience in building and scaling the Secure Development Lifecycle
  • Experience with threat modeling and handling vulnerability reports
  • Experience partnering with cross-functional engineering and product teams
  • Experience in identifying and remediating common web application vulnerabilities such as OWASP Top 10
  • Experience working with authentication protocols including OAuth 2.0, SAML, OIDC and LDAP
  • Experience working with network and web related protocols including TCP/IP, UDP, HTTP and HTTPS
  • Experience with common security libraries and tools such as static analysis, dynamic analysis and proxying/penetration testing tools
  • Demonstrated software development experience, incorporating secure coding principles and testing software against security risk/parameters

    • Note: Currently, we are unable to accept applicants residing outside the United States and/or unsolicited C2C/CTH. Thank you for understanding.

    Opala is an equal opportunity employer and makes employment decisions on the basis of merit.  We are committed to providing a workplace free from harassment and discrimination. We celebrate the unique differences of our employees because that is what drives curiosity, innovation, and the success of our business. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, gender identity or expression, age, marital status, veteran status, disability status, pregnancy, parental status, genetic information, political affiliation, or any other status protected by the laws or regulations in the locations where we operate. Accommodations are available for applicants with disabilities.
     

    Listing Details

    • Citizenship: Not Provided
    • Incentives: Not Provided

     

    • Education: Not Provided
    • Travel: Not Provided
    • Telework: Not Provided

    About Us

    NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

    Useful Links

    Our Contacts

    1765 Greensboro Station Pl.
    Suite 900
    Tysons Corner Va 22102

    (703) 594-7765

    requests@ninjajobs.org
    www.ninjajobs.org
    Chat with us!