Application Security Engineer
Remote
Are you an Application Security Engineer who is passionate about empowering engineering teams to build secure software? Redox is searching for an exceptionally talented Application Security Engineer to join our Security Team. In this role, you will set the direction for our application security processes, tools, and capabilities. Redox is an engineering-first company, building the future of healthcare information exchange, the platform to help power healthcare companies and applications to work together!
About Redox - Take a look here: https://youtu.be/4OjENXR6UXA
What We Do
Healthcare organizations and technology vendors connect to Redox once, then authorize what data they send to and receive from partners through a centralized hub. Redox's cloud-based platform is vendor and standards agnostic and enables the secure and efficient exchange of healthcare data.
This approach eradicates the need for point-to-point integrations and accelerates the discovery, adoption, and distribution of patient and provider-facing technology solutions. With hundreds of healthcare organizations and technology vendors exchanging data today, Redox represents the largest interoperable network in healthcare. Learn how you can leverage the Redox platform at www.redoxengine.com.
Other Stuff About Us
Redox is an EEO company. We fully support the diversity of our team! Here's a recent blog post about our stance on diversity and belonging: Diversity at Redox
We believe in holding ourselves to a high standard of conduct. Here's how we think about this: Redox Code of Conduct
Successful candidates must be eligible to be employed in the US, and must reside in the US.
Thank you for your interest in Redox!
What You'll Do:
- Be an active voice in our small, focused security team as the primary engineer responsible for Application and Product Security.
- Coordinate and manage our penetration testing and bug bounty programs.
- Empower Redox to reduce avoidable vulnerabilities introduced into code, reduce the time to detect vulnerabilities that do exist, and mitigate vulnerabilities detected as quickly as possible.
- Approach securing our company pragmatically, empathizing with engineers, developers and security champions to understand their needs.
- Perform risk assessments, threat models and code reviews for our application.
- Communicate issues and progress on complex problems in terms easily understood by stakeholders.
- Support and build valuable training activities that uplift developer awareness of secure coding practices.
- Build and maintain tools that detect potential security issues within our development pipeline.
- Maximize security impact and reduce risk while minimizing the negative impact on our businesses and developer velocity.
- Mentor and guide engineering teams on best practices for keeping our applications secure.
Your Background and Experience:
- Knowledge of current application security vulnerabilities, how to detect them, how to prevent them and how to create awareness of them.
- Proficiency and hands-on experience using tools that can detect security vulnerabilities, both statically and dynamically.
- Experience securing JavaScript, Node.js and TypeScript applications.
- Experience with containerized and application mesh architectures.
- Ability to communicate complex security threats and risks in simple terms for non-security (and even non-technical) stakeholders.
- Ability to be an individual contributor as well as a team player.
- Experience with manual and automated techniques for penetration testing and executing vulnerability assessments.
- Coding/scripting experience in modern scripting languages (e.g. Python, Ruby, etc.)
- Experience running threat modeling sessions with engineering teams.
Bonus Points!
- Securing applications based on AWS Technologies.
- Offensive security (OSCP) certifications.
- Docker/K8 hardening experience.
Tags: Application security AWS Cloud Docker JavaScript Node.js Offensive security OSCP Pentesting Product security Python Ruby Scripting TypeScript Vulnerabilities
Perks/benefits: Flex vacation Team events
Region:
Remote/Anywhere