Application Security Engineer
Chicago, IL, New York City, Boston, SF
Applications have closed
Tempus
Tempus has built the world’s largest library of clinical & molecular data and an operating system to make that data accessible and useful, starting with cancer.Passionate about precision medicine and advancing the healthcare industry?
Recent advancements in underlying technology have finally made it possible for AI to impact clinical care in a meaningful way. Tempus' proprietary platform connects an entire ecosystem of real-world evidence to deliver real-time, actionable insights to physicians, providing critical information about the right treatments for the right patients, at the right time.
At Tempus, the Application Security team’s goal is to measure our security posture, scale security risk, and provide secure-by-default approaches to engineering and product teams. This is accomplished by enabling the programmatic detection of application risks, performing code reviews of key components, and developing blessed patterns to code, build, and deploy securely.
We’re looking for an Application Security Engineer to help drive a security culture and champion application security initiatives at Tempus.
What You’ll Be Doing
- Supporting and consulting with engineering and product teams in the area of application security by identifying and participating in the creation of design patterns that are secure by default. Also by participating in threat modeling and other security assessments to help teams balance security risk vs. product needs.
- Assisting in the creation of and supporting Tempus-wide application security initiatives and being an active member in developing the application security program at Tempus.
- Participating in application security vulnerability management and supporting the vulnerability disclosure program.
- Adding your experience and knowledge to the creation of security training for teams.
- Researching and providing context for novel web security issues against Tempus’ products. As well as developing and supporting automated security testing to validate secure coding best practices are being followed.
- Scaling application security through automation.
- Sharing your knowledge and expertise with other members of the team
Qualifications
- 2+ years experience in application security
- Experience working with developers.
- Good communication skills; You should be able to explain security risks to an audience of engineers or product managers.
- Comfortable with eyeballing risky code patterns in JavaScript, TypeScript, and Python.
- Good understanding of modern web technologies, their downsides, and how best to secure them.
- Basic understanding of what a good, mature, application security program should look like.
- A desire to scale security though simple and practical implementations.
- Ability to use GitHub.
- Basic development or scripting experience and skills.
- Familiarity with common security libraries, security controls, and common security flaws.
- Experience with OWASP, static/dynamic analysis, and common security tools.
- A basic understanding of network and web related protocols (such as TCP/IP, UDP, HTTP, HTTPS).
About Tempus:
We're on a mission to connect an entire ecosystem to redefine how genomic data is used in clinical settings. We're looking for software engineers who are passionate about changing the status quo and bringing cancer care into the 21st century.
We are an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
#LI-BL1 #LI-REMOTE* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Automation GitHub JavaScript OWASP Python Scripting Security assessment TCP/IP TypeScript Vulnerability management
Region:
North America
Country:
United States
Job stats:
8
1
0
Categories:
AppSec Jobs
Security Engineering Jobs
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Security Specialist jobs
- Open Security Researcher jobs
- Open Chief Information Security Officer jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open IT Security Engineer jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open CI/CD-related jobs