Let’s get to know each other
At Care/of, we help people remove obstacles to living a healthy life by delivering personalized, science-backed vitamins and protein straight to their door in convenient daily packs. As a fast-growing, venture-backed wellness startup, our technology makes it easy (and even fun) for people to get a custom vitamin and protein recommendation based on their diet and health goals — goodbye, guesswork! We aim to help people feel empowered to make the right choices for their health by being transparent about the research behind our recommendations and thoughtful about the quality of our products.
Care/of launched in 2016 and is headquartered in New York City. To date, Care/of has raised over $42M from top investors including Goldman Sachs Investment Partners, Goodwater Capital, Tusk Ventures, RRE Capital, and Juxtapose.
Our Technology Team:
As a team, we live by and work by our values: be honest, be humble, be thoughtful, and be different; we are building a platform and creating products that we truly believe in and reflect our strong core values. Our technology team is small but mighty, the fifteen of us collaborate closely and work together to build our user-facing website and app and our fulfillment tech, all while making sure we protect our customers’ data from any threats that might exist. If any of this excites you, why not say hello?
Our fulfillment center technology is built using Ruby and Node.js
What you’ll do:
You'll be the first Security Engineer at the company and will work with our CTO to define a security culture + roadmap.
- Lead and work alongside the engineering team to focus on improving cloud and application security measures and integrate new and support existing security applications
- Architect and build tooling to support all aspects of Security
- Collaborate with diverse teams throughout the organization, guiding their adoption and improvement of security practices as we continue to scale our infrastructure and business
Who you are:
You are someone who is passionate about security to help us continue improving our commitment to our users. You thrive in fast-paced and every-changing environments, and are self-motivated and results-oriented.
- 5+ years of direct hands-on product security engineering experience
- Strong foundation in and an in-depth technical knowledge of application security, particularly web application and ios security.
- Expertise in application security related concepts, such as authentication, authorization, data integrity, session management, access controls, and input/output handling
- Strong understanding of cryptographic algorithms and protocols.
- Well versed in cloud security (preferably AWS & Heroku), and an understanding of common exploitation techniques against AWS/Heroku accounts.
- Experienced with security tools like Burp or Zap, and other proxies and conducting application penetration tests.
- Experience in managing a bug bounty and vulnerability management programs
- Proficient in one or more of the programming languages (Ruby, Node.js)
- Appetite to learn new stuff
Extra carrots 🥕 (preferred, but not required):
- Experience with project and roadmap planning.
- Experience writing high-quality software from inception to execution to deployment
- DevOps experience, especially with Heroku, GitHub, EC2, S3, Redshift, Segment
Even if you don’t meet all the requirements, we still encourage you to apply! If you’re submitting a cover letter, please note what makes you perfect for this role with the qualifications you have.
- Competitive salary + compensation package
- Competitive insurance packages with free medical, dental, vision plans.
- Unlimited vacation time because you deserve it.
- Free vitamins and powders 💊
- Wellness perks with free access to online meditation services + fitness reimbursements (at-home workouts count!)
- Virtual team-building events because we value staying connected and building community.
- Socially and culturally relevant experiences geared towards personal + professional learning & development.
- Working with an amazing, fun-loving, spirited group of people.
Our Core Values:
Be Humble: Engage in debate with an open mind. Embrace feedback and being wrong when presented with data that shows there is a better option.
Be Honest: Deliver the truth with humor and love. Recognize and stand up against discrimination on the basis of race, sex, gender, sexual orientation, religious background, or mental and physical abilities - in our work and beyond.
Be Thoughtful: Attack hard problems with thoughtful tenacity. Don’t shy away from complex problems with complex solutions.
Be Different: Kill your darlings. Don’t be afraid to rewrite something once effective, loved, or widely accepted in the past. Evolution is wonderful. Push against banality and the status quo.
Our commitment to you:
At Care/of, we’re committed to building the best team we can. We hire for potential and support every team member through each step of their career development. Building a diverse, equitable, and inclusive space for our team to think differently and push the status quo is incredibly important to us; and we strive to use these guiding principles as the foundation for how we interact with each other, how we build our business, and how we hold ourselves accountable to our core values.
Care/of does not discriminate and will not make any hiring decisions based on your race, color, religion, gender identity or expression, sexual orientation, national origin, age, military service eligibility, veteran status, marital status, disability, or any other protected class. If you have a disability and require accommodation during our interview process, please let us know how we can help make the interview process fair to your needs.