Principal Application Security Engineer (Portugal - Hybrid/Remote)

Sword Health is on a mission to free two billion people from pain as the world’s first and only end-to-end platform to predict, prevent and treat pain. 
Delivering a 62% reduction in pain and a 60% reduction in surgery intent, at Sword, we are using technology to save millions for our 2,500+ enterprise clients across three continents. Today, we hold the majority of industry patents, win 70% of competitive evaluations, and have raised more than $300 million from top venture firms like Founders Fund, General Catalyst, and Khosla Ventures. 
Recognized as a Forbes Best Startup Employer in 2023, this award highlights our focus on being a destination for the best and brightest  talent. Not only have we experienced unprecedented growth since our market debut in 2020,  but we’ve also created a remarkable mission and value-driven environment that is loved by our growing team. With a recent valuation of $2 billion, we are in a phase of hyper growth and expansion, and we’re looking for individuals with passion, commitment, and energy to help us scale our impact. 
Joining Sword Health means committing to a set of core values, chief amongst them to “do it for the patients” every day, and to always “deliver more than expected” on behalf of our members and clients.
This is an opportunity for you to make a significant difference on a massive scale as you work alongside 800+ (and growing!) talented colleagues, spanning two continents. Your charge? To help us build a pain-free world, powered by technology, enhanced by people — accessible to all.
We are seeking a highly skilled and experienced Principal Application Security Engineer to join our team. This role will work closely with the development teams to ensure that security is integrated into the software development lifecycle.

What you will do:

• Develop and implement application security best practices, policies, and procedures;
• Conduct regular security assessments and penetration testing to identify and address vulnerabilities;
• Collaborate with the development team to ensure that security is integrated into the software development lifecycle;
• Monitor, analyze, and triage security logs to detect and respond to security incidents;
• Stay up-to-date on the latest security threats and trends, and provide guidance on how to mitigate risks;
• Provide security training and awareness programs to educate employees on secure software development best practices;
• Integrate or build security tools that help to continuously monitor our ecosystem.

What we're looking for:

• Bachelor's degree in Computer Science, Information Technology, or related field;
• 5+ years of experience in application security engineering;
• Strong knowledge of web application security vulnerabilities and best practices;
• Hands-on experience with application security tools such as Snyk, Burp Suite, DefectDojo;
• Experience with cloud security and container security is a plus;
• Hands-on experience in scripting/coding, preferably in Python;
• Excellent communication and interpersonal skills;
• Good verbal and written communication skills in English.

What we'd love to see:

• CISSP, CEH, CSSLP, OSCP, GWAPT or other security certifications are a plus.

*Please note that this position does not offer relocation assistance. Candidates must possess a valid EU visa and be based in Portugal.
US Sword Benefits & Perks: *Eligibility: Full-time employees regularly working 25+ hours per weekComprehensive health, dental and vision insurance*Equity Shares*Discretionary PTO Plan*Parental leave*401(k)Flexible working hoursRemote-first CompanyInternet Stipend for remote workingPaid Company HolidaysFree Digital Therapist for you and your family*Eligibility: Full-time employees regularly working 25+ hours per week
Portugal - Sword Benefits:Health, dental and vision InsuranceMeal AllowanceEquity Shares
Portugal - Sword Perks:Remote Work AllowanceFlexible working hoursWork from homeUnlimited VacationSnacks and BeveragesEnglish ClassUnlimited access to Coursera Learning Platform

*US Applicants Only: Applicants must have a legal right to work in the United States, and immigration or work visa sponsorship will not be provided.*
SWORD Health, which includes SWORD Health, Inc. and Sword Health Professionals (consisting of Sword Health Care Providers, P.A., SWORD Health Care Providers of NJ, P.C., SWORD Health Care Physical Therapy Providers of CA, P.C.*) complies with applicable Federal and State civil rights laws and does not discriminate on the basis of Age, Ancestry, Color, Citizenship, Gender, Gender expression, Gender identity, Gender information, Marital status, Medical condition, National origin, Physical or mental disability, Pregnancy, Race, Religion, Caste, Sexual orientation, and Veteran status.