Security Engineer

CareRev, a 100% remote company, is bringing the future of work to Healthcare. We are developing a robust marketplace that connects trusted Healthcare professionals to relevant per diem shift opportunities. We are working to change the traditional relationship between Healthcare professionals and Healthcare facilities alike, aiming to build a future that ensures people who work in Healthcare have better tools and are empowered to be the healers they want to be.

What You'll Do as a Security Engineer at CareRev is work closely with the Security Department to provide centralized application security expertise and support to our engineering and product teams to ensure that security controls requirements are being met, that security controls are implemented consistently in accordance with policies, and assist in developing and implementing appropriate security controls to meet all applicable industry security frameworks. You'll work with the Security and Engineering Managers as well as members of the Engineering and Product teams to identify and remediate vulnerabilities identified from all sources and methods of vulnerability detection, from SDLC through operational stages, ensuring security is integrated into the software development lifecycle. You may also work with the DevOps team to support the development and operations of automated security tools to monitor, alert, and report activity and potential threats. You will contribute to the review, triage, and resolution of security defects while continuing to build a scalable security program for our growing organization.

What We're Looking for

While you should have many of these skills, not all are required.

• 2+ years of recent application security focused experience and 2+ years of prior experience as a software developer or engineer
• 2+ years experience with OWASP, static/dynamic analysis, and common exploit tools and methods.
• 2+ years working in a environment subject to security compliance (e.g. SOC 2 Type 2, ISO 27001, PCI, HIPAA, etc)
• Software analytics or database experience
• Familiarity with Heroku, AWS, and/or Google Cloud
• Experiential understanding of the Software Development Lifecycle (SDLC)
• Experience with testing development frameworks using Ruby and/or similar languages (Python, Perl, PHP, JS, Elixir)
• Knowledge of and experience with native iOS and/or Android development
• Ability to collaborate and work directly with security and software teams to enhance the security posture of their systems
• Aptitude for managing projects through relationships and influence
• Technical and security related degrees or certifications a plus

A Few Reasons to Consider Us

• Comprehensive medical, dental, and vision benefits
• Generous paid holidays & unlimited PTO
• Partial 401k matching
• 100% remote + office equipment reimbursement
• Come help us change the future of healthcare work

CareRev is building the #1 staffing platform for healthcare professionals. We partner with hospitals and medical centers across the US, and book thousands of specialized professionals through our app every month. We are putting transparency, fairness, and trust back on the table. We are excited to grow our team of 150+ employees distributed across the US in a remote environment! We deeply value changing the world for the better and work toward diversity across our teams while we scale our teams in breadth and volume. To date, CareRev has raised $50M in funding. In addition, CareRev has a fantastic group of investors, including Transformation Capital, top Healthcare VC firms, Y Combinator partners, and alumni. 

CareRev is 100% remote. We have small offices in Los Angeles, CA (Venice/Mar Vista) and Chicago, IL open for use by team members.

CareRev is an equal opportunity employer and will not discriminate against any employee or applicant for employment in an unlawful manner. We celebrate diversity and are committed to creating an inclusive environment for all individuals. CareRev treats all employees and job applicants based on merit, qualifications, and competence without regard to any qualified individuals' sex, race, color, religion, national origin, ancestry, gender (including pregnancy, breastfeeding, or related medical condition), sexual orientation, gender identity, gender expression, age, physical or mental disability.