Senior Security Engineer

About ZAVA:

We're on a mission to provide our patients with healthcare that is accessible and dependable, at a fraction of today's cost. By creating a safe, efficient and convenient approach to healthcare we’ve already provided over 6 million consultations across the UK, Germany, France, and Ireland. 

Our team of Doctors, Engineers, Customer Support Advisors, Marketers, Product Managers, UX Designers, Pharmacists, Commercial & Operations Specialists all work collaboratively to build a digital healthcare platform that enables our patients to find the right healthcare quickly, effectively, and discreetly so they can do more of what matters to them. 

At the end of 2020, we secured a second round of investment and completed two exciting acquisitions in Germany. We're a scaleup company with ambitious growth plans. 

We’re here because we care about healthcare and we plan to be Europe’s biggest digital healthcare provider by 2025. 

About the role:

We are looking for a Senior Security Engineer to join ZAVA’s security team to help ZAVA deliver its Cyber security resilience. Reporting to the Head of Information Security, you will be responsible for working closely with internal and external stakeholders to identify and mitigate security risks. You will act as an "advocate" to help drive security forward in all parts of the company while educating your colleagues on all aspects of security.

What can you expect from working with us? / What's in it for you?

• Patient-focused mentality - Care is our fundamental deep-down motivation. We’re an organisation full of smart people who care - about patients, about each other and about doing the right thing. And because of this, we receive great patient reviews.
• Chance to influence the future of healthcare - It is through technology that ZAVA has been able to make efficiency gains in the healthcare sector. To continue pushing boundaries and expand the company, our technology needs to evolve and grow and you will play a significant role in this.
• Adaptability - We apply a composable approach to system design. It allows us to experiment with different solutions, connecting various parts of our system in different ways to unlock new functionalities. This approach also means we can make each part of our system easily and safely modifiable.
• Competitive salary, flexible working and other benefits - please see a full list of our benefits below.

Day-to-day the work will encompass:

• Working with AWS Cloud Infrastructure team to secure our cloud infrastructure
• Working with the development team in embedding security in the SDLC
• Performing risk assessments, incident monitoring, threat modelling and security reviews
• Improving security tooling, processes and standards to provide security assurances across the business.
• Developing security guides along with defining, implementing, and monitoring security measures to protect ZAVA.
• Support the Security team in maintaining and improving our ISO27001 certification

Experience and Qualifications:

• To have the curiosity and drive to solve complex puzzles
• Are able to identify vulnerabilities and potential security risks
• You have knowledge and experience in securing AWS Cloud Infrastructure
• In-depth understanding of application security vulnerabilities and standards
• You are able to present those risks to stakeholders and other parties in a way that can be easily understood by non technical individuals
• You have good knowledge of standard information security frameworks (eg. NIST,ISO27001)

Added bonus if you have experience in:

• Threat modelling and SDLC experience in a development organisation
• You may have experience with SIEM
• You may have experience in one or more of the following languages: PHP, Python, JavaScript, Golang
• You may have worked within a fast paced business
• You may have experience working in the health tech sector

Line Manager: Head of Information Security

Application Journey:

• Talent Partner Screening Call
• Hiring Manager Screening Call
• Presentation
• CTO Wrap up conversation

Benefits from the day you join:

• 25 days holiday + bank holidays + Birthday day off
• Healthcare cash back plan through SimplyHealth 
• Access to SimplyHealth advice, counselling and corporate discounts
• Free access to all services on the ZAVA website
• Membership to Headspace (mindfulness application)
• Remote flexible working
• Macbook Pro
• Modern office with breakfast, hot drinks, bike storage and shower facilities
• Dog friendly office

Additional benefits following probation period:

• £500 training budget per year (after 3 months) 
• Company sabbatical after 2 years
• Opportunity to work from overseas for 2 months each year
• Opportunity to relocate to one of our global offices (dependent upon meeting eligibility criteria)
• Enrolled on discretionary company bonus scheme

Core working hours

Our core business hours are 9am - 6pm, although flexible working arrangements are available upon agreement with your line manager.