Application Security Engineer

Chicago, IL, New York City, Boston, SF

Applications have closed

Tempus

Tempus has built the world’s largest library of clinical & molecular data and an operating system to make that data accessible and useful, starting with cancer.

View company page

Passionate about precision medicine and advancing the healthcare industry?

Recent advancements in underlying technology have finally made it possible for AI to impact clinical care in a meaningful way. Tempus' proprietary platform connects an entire ecosystem of real-world evidence to deliver real-time, actionable insights to physicians, providing critical information about the right treatments for the right patients, at the right time.

At Tempus, the Application Security team’s goal is to measure our security posture, scale security risk, and provide secure-by-default approaches to engineering and product teams. This is accomplished by enabling the programmatic detection of application risks, performing code reviews of key components, and developing blessed patterns to code, build, and deploy securely. 

We’re looking for an Application Security Engineer to help drive a security culture and champion application security initiatives at Tempus.

What You’ll Be Doing

  • Supporting and consulting with engineering and product teams in the area of application security by identifying and participating in the creation of design patterns that are secure by default. Also by participating in threat modeling and other security assessments to help teams balance security risk vs. product needs.
  • Assisting in the creation of and supporting Tempus-wide application security initiatives and being an active member in developing the application security program at Tempus.
  • Participating in application security vulnerability management and supporting the vulnerability disclosure program.
  • Adding your experience and knowledge to the creation of security training for teams.
  • Researching and providing context for novel web security issues against Tempus’ products. As well as developing and supporting automated security testing to validate secure coding best practices are being followed.
  • Scaling application security through automation.
  • Sharing your knowledge and expertise with other members of the team

Qualifications

  • 2+ years experience in application security
  • Experience working with developers.
  • Good communication skills; You should be able to explain security risks to an audience of engineers or product managers.
  • Comfortable with eyeballing risky code patterns in JavaScript, TypeScript, and Python.
  • Good understanding of modern web technologies, their downsides, and how best to secure them.
  • Basic understanding of what a good, mature, application security program should look like.
  • A desire to scale security though simple and practical implementations.
  • Ability to use GitHub.
  • Basic development or scripting experience and skills.
  • Familiarity with common security libraries, security controls, and common security flaws.
  • Experience with OWASP, static/dynamic analysis, and common security tools.
  • A basic understanding of network and web related protocols (such as TCP/IP, UDP, HTTP, HTTPS).

About Tempus:

We're on a mission to connect an entire ecosystem to redefine how genomic data is used in clinical settings. We're looking for software engineers who are passionate about changing the status quo and bringing cancer care into the 21st century.

We are an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

#LI-BL1 #LI-REMOTE

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Application security Automation GitHub JavaScript OWASP Python Scripting Security assessment TCP/IP TypeScript Vulnerability management

Region: North America
Country: United States
Job stats:  8  1  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.