At 98point6, our mission is bringing technology and medicine together to reinvent primary healthcare. You’ll collaborate with multiple teams, work across disciplines, encountering and conquering many challenges that are new and exciting. Each day you’ll be working towards profoundly transforming primary care.
Your Role and Impact
As a security engineer, you’ll have a central role in shaping our security program, developing secure applications, and building secure infrastructure. You will work with SaaS-based systems that handle federally protected health information; systems which must always be available for our patients, clinical operators and doctors. You will design and implement controls to address real world threats and risks to create a secure experience for everyone who uses our services. You will also support engineering and product teams in threat modeling exercises, risk analysis, design review, and code reviews.
Conduct code reviews of our applications and infrastructure-as-code for security best practices and potential risks
Design, implement, execute and report on penetration tests of our services and infrastructure
Contribute a security perspective to our application and infrastructure design process
Develop threat models for our current and planned systems and infrastructure
Conduct or organize security training and outreach for our development teams
Design and develop security tools to improve our automated monitoring
Identify key performance metrics for security metrics and implement instrumentation for those metrics
Develop and execute our processes for security event incident response
Third-party vendor security assessments and verify security compliance of vendors over time
Bachelor's or master’s degree in computer science, math or equivalent experience
3+ years of experience with any combination of the following: threat modeling, secure coding, application security, identity management and authentication, software development, cryptography, application security, and AWS security
Experience implementing security solutions in mobile apps, web apps, and backend services
Experience writing and reviewing code (Java, Python, C# or similar)
Experience working effectively with software engineering teams
Excellent written and verbal communication skills
Experience responding to security events preferred
Security professional certification preferred (e.g. CISSP, GSEC, CEH)
98point6 provides equal employment opportunities to all without regard to race, color, religion, sex (including sexual orientation or gender identity), national origin, age, disability, genetic information or other protected status.