Sr. Security Engineer - Product (Remote) - Included Health Remote Bookmark Share Print 126 0 0

Listing Description

Included Health is looking for a Senior Product Security Engineer to expand our team! In this role, you will be helping Included Health change the standard of security in healthcare, and help us build our Product Security team. You will be working with developers, engineers, data scientists, and other professionals to ensure our platform, application, and member experience are secure.

Responsibilities:
  • Security engineering and architecture background for consumer facing services.
  • Share experience with authentication and authorization models, modern mobile security methodologies, applied cryptography, and secure-by-design development practices.
  • Implement best-practice security procedures, standards, and guidelines in the application space.
  • Develop tools that make it easier to ship secure code and harder to ship insecure code.
  • Conducting risk assessment, penetration testing, code reviews, and static analysis or other security validation of specific projects.
  • Perform and support security assessments against most modern product features.
  • Partner with our engineering team and architects to design, implement and improve application security solutions.
  • Advocate security awareness and teach secure behavior and methods.
  • Assist in compliance activities such as external audits from customers, regulatory compliance projects, and overall information security reviews.
  • Perform threat modeling of upcoming features and products.
  • Team player, influencer, mentor, and growth mindset to help drive out of the box solutions.
  • Excellent communication skills to clearly communicate security recommendations, decisions, and to build and maintain security relationships across the enterprise.

    • Qualifications:
  • Bachelor’s Degree in Computer Science or a related field and 2 years experience in application/product security.
  • Strong communication skills - written and verbal.
  • Experience working with common security vendors for an AWS stack, and also with cloud native AWS security capabilities.
  • Code comprehension in at least two languages (Java, Python, Ruby, C++ etc.).
  • Discussion and collaboration mindset. Engaging in healthy, constructive debates is key to our teams to innovate and plan for the future, of which Information Security plays a key role.
  • Experience in implementing controls and supporting audit or evidence requests for information security compliance programs including PCI, ISO 27001, HITRUST, and SOC 2.
  • Previous experience working in a startup environment and/or in Healthcare.
  • Demonstrated experience and expertise with: Identifying and resolving OWASP Top 10 vulnerabilities. Threat modeling in an Agile environment. Security Verification Standards. Authentication and authorization schemes.
  • Strong understanding of web and mobile application security assessment techniques, threat modeling, general software development practices.
  • Experience with creating automation in a higher-level scripting language (Python, JavaScript, etc.).

    • Nice to have:
  •  Secure code reviews.
  • Cryptography implementations.
  • Has experience in threat modeling, penetration testing, creating security requirements, performing source code reviews, and/or leading security design reviews.
  • Has experience building sustainable security programs with an emphasis on customer service, partnership, and enablement of software engineering and product stakeholders.
    • About Included Health

    Included Health is a new kind of healthcare company, delivering integrated virtual care and navigation. We’re on a mission to raise the standard of healthcare for everyone. We break down barriers to provide high-quality care for every person in every community — no matter where they are in their health journey or what type of care they need, from acute to chronic, behavioral to physical. We offer our members care guidance, advocacy, and access to personalized virtual and in-person care for everyday and urgent care, primary care, behavioral health, and specialty care. It’s all included. Learn more at includedhealth.com.

    -----
    Included Health is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics or any other basis forbidden under federal, state, or local law. Included Health considers all qualified applicants in accordance with the San Francisco Fair Chance Ordinance.

    Listing Details

    • Citizenship: Not Provided
    • Incentives: Not Provided

     

    • Education: Not Provided
    • Travel: Not Provided
    • Telework: Not Provided

    About Us

    NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

    Useful Links

    Our Contacts

    1765 Greensboro Station Pl.
    Suite 900
    Tysons Corner Va 22102

    (703) 594-7765

    requests@ninjajobs.org
    www.ninjajobs.org
    Chat with us!