Application Security Engineer
Dhaka, BD
Augmedix
Augmedix harnesses the power of AI to provide industry-leading medical documentation & data services, giving physicians more time to focus on patient care.Augmedix, Inc. (Nasdaq: AUGX) provides automated medical documentation and data services to large healthcare systems and physician practices, supporting medical offices, clinics, hospitals, emergency departments, and telemedicine nationwide. The Company’s Ambient Automation Platform converts the natural conversation between physicians and patients into timely and comprehensive medical notes and performs a suite of related data services. These services relieve physicians of administrative burdens to enable more time for patient care. Augmedix’s proprietary platform uses automatic speech recognition, natural language processing, and clinical datasets to capture the ambient visit conversation and generate a structured medical note. The structured medical note data is then used to deliver additional data services. Quality is assured by trained medical documentation specialists.
As an Application Security Engineer at Augmedix, you will help to validate that our services, applications, and websites are designed and implemented to the highest security standards. You will be responsible for analyzing the security of applications and services (Web and Mobile Application, API, Micro-services, internal networks), source codes, vendor-provided solutions, discovering and addressing security issues, building security automation, and quickly reacting to new threat scenarios. You will collaborate with our engineering and product teams to drive the implementation and validation of security controls prior to the production launch. You will be expected to be strong in multiple domains and provide subject matter expertise when required.
Key Job Responsibilities
- Perform design review, threat modeling, secure code review, and penetration testing for our products, infrastructures and services.
- Provide technical security guidance to mitigate identified risks.
- Create security guidance and documentation for internal and external audiences.
- Review existing processes and suggest improvements for increased security and efficiency.
- Strongly influence decision-makers and stakeholders to achieve a consistently high security bar for new services or features.
- Build Security metrics to track the effectiveness of our security excellence program.
- Keep up to date with trending known/unknown (0-day) security vulnerabilities and take appropriate action to make our services secured.
Job Requirement:
- Bachelor's degree in Engineering or relevant field, or an equivalent combination of education, training, and experience.
- Minimum of 2 years of professional experience with any combination of at least 2 technical disciplines, including the following: application security, mobile security, network security, penetration testing, secure coding and development methodologies.
- Knowledge of core application security principles, secure code review, common security vulnerability classes, their root causes, and mitigations.
Preferred Requirements:
- Professional experience conducting security assessments and reviews, including penetration testing or red teaming, and demonstrated the ability to clearly explain the remediation of findings to product owners.
- Knowledge of threat modeling or other risk identification techniques.
- Knowledge of web and mobile application vulnerabilities and remediation techniques.
- An understanding of communication protocols and data formats (such as TLS, HTTP(S), JSON, XML, Web Sockets).
- An understanding of cryptography, web service frameworks, mobile application architectures, and service architectures (such as event-driven, service-oriented, or serverless architectures).
- An understanding of containerization technologies (Docker, Kubernetes) for the purpose of secure implementation review.
- Experience with one or more scripting or programming languages (such as Java, C++, Python, Go) for the purpose of code review.
- Familiarity with security best practices for Amazon Web Services (such as API Gateway, IAM, Cognito, EC2, S3, DynamoDB, Lambda, ECR, EKS) or similar enterprise cloud computing platforms
- Ability to lead through influence within a secure software development life-cycle for multiple products and services, meeting customer and compliance expectations for security.
- Strong written and verbal communication skills with the ability to engage directly with senior leadership.
- Ability to discover and communicate deep technical issues in terms of business risk with non-experts and senior leaders.
- Strong ownership, urgency, and drive.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: API Gateway APIs Application security Automation C Cloud Compliance Cryptography Docker DynamoDB EC2 IAM Java JSON Kubernetes Lambda Mobile security Network security Pentesting Python S3 Scripting Security assessment TLS Vulnerabilities XML
Perks/benefits: Career development
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs