Software Engineer, Security
San Francisco, Remote
Applications have closed
PicnicHealth
We collect all your medical records in a secure, digital timeline. And we empower you to be part of something bigger by contributing to research, anonymously.Healthcare needs good data. At PicnicHealth, we are building deep real-world datasets to fuel cutting-edge research, while giving patients control of their own medical record data. These complete, clinically-rich datasets produce unique insights across dozens of diseases to ultimately get the right treatments into patients’ hands faster. We do this by working directly with patients and leveraging state of the art machine learning to transform messy medical records into structured, research-ready datasets. To date we’ve helped tens of thousands of patients securely access their records and proactively contribute to advancing research in diseases that impacts their lives.
We’re excited to announce $60 million in funding in a Series C led by B Capital Group. Our existing investors Felicis Ventures and Amplify Partners also joined the round, bringing the total we have raised to more than $100 million.
And we are just getting started! If you are looking to join an award winning, mission-driven, motivated team that is making a real impact across millions of people’s lives, PicnicHealth might just be the place for you.
The Opportunity
We build a number of applications that allow us to communicate with patients, retrieve and label medical records, and generate high-quality datasets tailored for our research partners. The data we work with captures some of the most important, sensitive information about our patients, making application security critical. We are HITRUST certified for HIPAA compliance, which requires us to implement and maintain a number of security policies and controls. The goal of security engineering within our infrastructure team is to make sure our cloud operations and the code we put into production are bullet proof, and to up-level our engineers so that they are designing and building with a security-focused mindset.
This is a small and growing team with a huge opportunity for impact across the entire organization. As a team member, you will work across engineering to help the company safely scale. Your contributions will focus on ensuring we implement the best security practices across teams composed of fullstack, data, and ML engineers. Our tech stack today includes: GCP, Kubernetes, Istio, Helm, Terraform, PostgreSQL, Redis, ElasticSearch, BigQuery, Prometheus, Grafana, Stackdriver, Node.js, Python, React, Hasura GraphQL, PyTorch, Tensorflow, GitHub Enterprise Server, Jenkins.
As a Security focused Software Engineer, your responsibilities will include:
- Working with engineers to implement security best practices, both by identifying better patterns and pairing with engineers to implement them
- Reviewing pull requests that touch technologies across our tech stack for implementation security
- Rolling out policies that improve security best practices while accounting for developer experience
- Reviewing GCP Security Command Center and HackerOne, and addressing findings
- Interfacing with pen testers to guide their efforts and address their findings
- Keeping our application dependencies and self-hosted applications up-to-date
- Supporting existing compliance efforts while helping developers maintain a culture that aggressively upholds the highest security standards for patient data
You are a great fit if you:
- Have 3+ years of full-time software engineering work experience with an interest in web security
- You want to lead and improve our security posture
- Are familiar with or motivated to quickly learn our tech stack and good security practices
- Are driven to work on high impact (ROI) projects and thrive in a fast-paced environment
- Enjoy working with other engineers to improve their approach to design and implementation
- Have experience with GCP and Kubernetes
We expect all team members to be motivated to be amazing in their roles and, ultimately, to move the PicnicHealth mission forward.
Perks & Benefits @PicnicHealth
At PicnicHealth you get to solve real problems with real solutions, great tech, and great people.
We offer a hybrid set up for our team: team members in the Bay Area can work from the SF office on a flexible schedule; remote team members are expected to travel to in-person gatherings up to 4 times a year. Our next Company Wide Onsite will be in February 2023.
You also get:
- Competitive salary
- Comprehensive benefits including above market Health, Dental, Vision
- Family friendly environment
- Flexible time off
- 401k plan
- Free PicnicHealth account
- Equipment and internet funds for home office set up
COVID-19 Policy
We require proof of up-to-date vaccination for COVID-19, except those with medical or religious exemptions.
Equal Opportunity Statement
PicnicHealth is committed to promoting an inclusive work environment free of discrimination and harassment. We value a diverse and balanced team where everyone can belong.
Tags: Application security C Cloud Compliance Elasticsearch GCP GitHub Grafana Helm HIPAA HITRUST Kubernetes Machine Learning Node.js PostgreSQL Prometheus Python Redis Terraform
Perks/benefits: 401(k) matching Career development Competitive pay Flex hours Flex vacation Health care Home office stipend
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Architect jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open Forensics-related jobs