Senior Security Engineer, Product Security

Help Us Shape the Future of Healthcare   At League, we’re big on building connections - both through our product and with each other. Our platform is consumer centric, personalized and always on. We’re reimagining the health benefits experience to give people a more consumer-centric way to manage their health: immediate, seamless, and tailored to their unique needs. It’s a front door to healthcare that empowers people to live healthier, happier lives. Every day.   The Role

Security Engineers at League work with product managers, designers and developers in cross-functional teams dedicated to areas of the product. Their mandate is to ensure that features built at League have security and privacy baked into their design.

In this role, you will:

• Help teams identify and quantify threats and risks using threat modeling and other processes to promote security and privacy by design
• Hold lunch and learns and other training to level up security across the engineering organization
• Build security automation and tools to make it easier to ship secure code
• Perform tools assisted security scanning and testing
• Identify opportunities to automate the detection of indicators of compromise and roll them into incident management playbooks
• Participate in an on-call rotation
• Work together with technical individuals in our security, platform, and product functions to drive security into their tools and processes

 About You:

• You have a degree in a security, computer science or software engineering from a reputable post-secondary institution
• You have experience with Design reviews and threat modeling.
• You have experience with penetration testing with web apps.
• Good to have experience with mobile apps (Android and iOS)
• You have experience in evangelizing secure coding practices and other aspects of Application security.
• You enjoy reading up on the latest security topics.
• Good to have understanding of SOC2 and HITRUST.
• You are able to write code in Python, Go or similar higher level languages.
• You have some Infrastructure as Code (Terraform, Ansible) experience or a strong desire to learn.
• You are a collaborator at your core.

At League, everyone is welcome. We believe individuals should not be disadvantaged because of their background or identity, but instead should be considered based on their strengths and experience. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. If you are an individual in need of assistance at any time during our recruitment process, please contact us at recruitinginfo@league.com.

Our Application Process:   Applying to a role you love can be exhausting, and understanding the next steps can feel vague and uncertain. You have done the hard part of submitting your application; let's do ours by sharing potential next steps

• You should receive a confirmation email after submitting your application.
• A recruiter (not a computer) reviews all applications at League.
• If we see alignment with League's needs, a recruiter will reach out to learn more about your goals. The recruiter will also share the team-specific interview process depending on the roles you are exploring.
• The final step is an offer, which we hope you will accept!
• Prior to joining us, we conduct reference and background checks. Additional checks could be required for US Candidates, depending on the role you are exploring.

  Here are some additional resources to learn more about League: Learn more about us in this short video! League, Cleveland Clinic collaborate to make employees healthier across North America League and Loblaw bring next-generation digital health platform to customers League Completes Workday Approved Integration

Recognize and Avoid Employment scams. Practice safe job searching.

Scammers are getting craftier and leveraging fake job postings to get personal information. Know the warning signs and protect yourself from scammers. Learn more here.   Privacy Policy Review our Privacy Policy for information on how League is protecting personal data.