Security and Compliance Engineer
United States
Dimagi, Inc.
Enabling global NGOs with cutting-edge data collection software & digital health solutions. Discover how Dimagi powers impactful frontline work.About Us:
Dimagi is a social enterprise and Benefit Corporation that builds software solutions and provides technology consulting services to improve the quality of essential services for underserved populations. Headquartered in Cambridge, Massachusetts, Dimagi partners alongside governments, leading NGOs, and foundations such as the Bill & Melinda Gates Foundation, USAID, and the World Bank to tackle complex health and social inequities. Our open source technology platform, CommCare, is the world’s most widely-used and researched mobile data collection platform for frontline workers. To date, Dimagi’s team of project managers, engineers, and health experts have supported over 2,000 projects in 80 countries.
About the Position:
Our Global Technology team helps to develop and improve our platform’s architecture design for expressing end-to-end system workflows, both at the functional level and the technical level. Since CommCare is used for applications related to many different types of problems, from agricultural extension education to improving delivery outcomes at birth, the software is written as a portable application engine. That means we don’t often build custom code for specific projects.
Dimagi is looking for a Security and Compliance Engineer to join our Global Technology team and contribute to our SaaS division. This position is open to remote employment within the United States or can be based out of our headquarters in Cambridge, MA.
Responsibilities of this role:
- Work directly with auditors and security consultants on matters of security posture and system compliance
- Improve the capabilities and efficiencies of our security and compliance control mechanisms by developing new software features and automating processes
- Work on matters of security including application security, security best practices, and security-related features
- Collaborate with our multicultural development and implementation teams around the globe in order to deliver high quality security features and functionality
- Contribute to a productive culture of code reviews and provide useful feedback
- Enhance Dimagi’s offerings while using modern best-practices such as version control, continuous integration, automated tests, daily deploy and cloud infrastructure tools
- Identify areas for improvement for their immediate team and propose solutions to the engineering managers/tech leads
- Mentor and assists more junior team members
Relevant Skills:
- 5+ years of software development experience
- Experienced in developing enterprise-quality software in a high-level language such as Python or Ruby
- Familiar with common security approaches at both a cloud appliance and software development practice level
- Familiar with common compliance standards, and willing to become an expert in Dimagi’s scopes of compliance like HIPAA, GDPR, etc.
- Able to identify and mitigate common application security vulnerabilities such as the OWASP top 10
- Familiar with building backend software for the web
- Fluency in written and spoken English
- Excellent verbal and written communication skills
- Authorized to work in the United States
Bonus Skills:
- Passionate about “human-centric” security approaches, and identifying usable and practical software solutions to challenges
- Familiarity with some components of our tech stack. We use Python, Django, Postgres, CouchDB, Elasticsearch, Javascript
- Bachelors or Masters Degree in Computer Science, Computer Engineering, or equivalent experience
- Enthusiasm about working in public health and international development
Please Note: The interview process for this position involves an initial recorded interview, a short coding exercise, and virtual interviews. If you would like to request a reasonable accommodation, please send an email to accommodations@dimagi.com with details regarding your request.
Benefits and Compensation
We aim to make a difference, not just as a company but also as an employer. We are transparent about salaries at all levels of the organization and have a standard, global pay scale for all positions. Our salaries are cost of living adjusted and non-negotiable. The estimated salary range for this position is 89,054 - 133,776 USD annually. Your final salary within the range will be dependent on where you are geographically based and might fall outside of this estimated range.
The benefits we offer are geared towards having a strong impact on our staff’s well-being. A few of our key benefits are outlined below:
- 100% employer-sponsored medical insurance paired with a generous Health Reimbursement Account (HRA) fund
- Access to voluntary dental and vision insurance plans
- A 401K plan with up to a 4% employer match
- Employee stock option plan
- 30 days paid time off inclusive of holidays
- Unlimited sick time and excellent parental leave policy
- Access to a flex-time policy that allows employees to work based on a flexible work schedule
- Professional Development Benefit
- Access to an Employee Assistance Program (EAP) through Magellan Healthcare
EEO Employer/Veteran/Disabled
Dimagi is an Equal Opportunity Employer. We celebrate and support diversity and are committed to providing a work environment that is inclusive and free of discrimination and harassment. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.
Tags: Application security Cloud Compliance Computer Science Django Elasticsearch GDPR HIPAA JavaScript Open Source OWASP PostgreSQL Python Ruby SaaS Vulnerabilities
Perks/benefits: 401(k) matching Career development Equity Flex hours Flex vacation Health care Insurance Medical leave Parental leave Salary bonus Unlimited paid time off
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Malware-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs