Let’s get to know each other

At Care/of, we help people remove obstacles to living a healthy life by delivering personalized, science-backed vitamins and protein straight to their door in convenient daily packs. As a fast-growing, venture-backed wellness startup, our technology makes it easy (and even fun) for people to get a custom vitamin and protein recommendation based on their diet and health goals — goodbye, guesswork! We aim to help people feel empowered to make the right choices for their health by being transparent about the research behind our recommendations and thoughtful about the quality of our products.

Care/of launched in 2016 and is headquartered in New York City. To date, Care/of has raised over $42M from top investors including Goldman Sachs Investment Partners, Goodwater Capital, Tusk Ventures, RRE Capital, and Juxtapose.

Our Technology Team:

As a team, we live by and work by our values: be honest, be humble, be thoughtful, and be different; we are building a platform and creating products that we truly believe in and reflect our strong core values. Our technology team is small but mighty, the fifteen of us collaborate closely and work together to build our user-facing website and app and our fulfillment tech, all while making sure we protect our customers’ data from any threats that might exist. If any of this excites you, why not say hello?

Our Technology:

Our customer-facing website is built using technologies such as Ruby on Rails, React, and Javascript (ES7). Our customer-facing native app is written in React Native.

Our fulfillment center technology is built using Ruby and Node.js

What you’ll do:

You'll be the first Security Engineer at the company and will work with our CTO to define a security culture + roadmap.

Lead and work alongside the engineering team to focus on improving cloud and application security measures and integrate new and support existing security applications
Architect and build tooling to support all aspects of Security
Collaborate with diverse teams throughout the organization, guiding their adoption and improvement of security practices as we continue to scale our infrastructure and business

Who you are:

You are someone who is passionate about security to help us continue improving our commitment to our users. You thrive in fast-paced and every-changing environments, and are self-motivated and results-oriented.

5+ years of direct hands-on product security engineering experience
Strong foundation in and an in-depth technical knowledge of application security, particularly web application and ios security.
Expertise in application security related concepts, such as authentication, authorization, data integrity, session management, access controls, and input/output handling
Strong understanding of cryptographic algorithms and protocols.
Well versed in cloud security (preferably AWS & Heroku), and an understanding of common exploitation techniques against AWS/Heroku accounts.
Experienced with security tools like Burp or Zap, and other proxies and conducting application penetration tests.
Experience in managing a bug bounty and vulnerability management programs
Proficient in one or more of the programming languages (Ruby, Node.js)
Appetite to learn new stuff

Extra carrots 🥕 (preferred, but not required):

Experience with project and roadmap planning.
Experience writing high-quality software from inception to execution to deployment
DevOps experience, especially with Heroku, GitHub, EC2, S3, Redshift, Segment

Even if you don’t meet all the requirements, we still encourage you to apply! If you’re submitting a cover letter, please note what makes you perfect for this role with the qualifications you have.

Why Care/of:

Competitive salary + compensation package
Competitive insurance packages with free medical, dental, vision plans.
Unlimited vacation time because you deserve it.
Free vitamins and powders 💊
Wellness perks with free access to online meditation services + fitness reimbursements (at-home workouts count!)
Virtual team-building events because we value staying connected and building community.
Socially and culturally relevant experiences geared towards personal + professional learning & development.
Working with an amazing, fun-loving, spirited group of people.

Our Core Values:

Be Humble: Engage in debate with an open mind. Embrace feedback and being wrong when presented with data that shows there is a better option.

Be Honest: Deliver the truth with humor and love. Recognize and stand up against discrimination on the basis of race, sex, gender, sexual orientation, religious background, or mental and physical abilities - in our work and beyond.

Be Thoughtful: Attack hard problems with thoughtful tenacity. Don’t shy away from complex problems with complex solutions.

Be Different: Kill your darlings. Don’t be afraid to rewrite something once effective, loved, or widely accepted in the past. Evolution is wonderful. Push against banality and the status quo.

Our commitment to you:

At Care/of, we’re committed to building the best team we can. We hire for potential and support every team member through each step of their career development. Building a diverse, equitable, and inclusive space for our team to think differently and push the status quo is incredibly important to us; and we strive to use these guiding principles as the foundation for how we interact with each other, how we build our business, and how we hold ourselves accountable to our core values.

Care/of does not discriminate and will not make any hiring decisions based on your race, color, religion, gender identity or expression, sexual orientation, national origin, age, military service eligibility, veteran status, marital status, disability, or any other protected class. If you have a disability and require accommodation during our interview process, please let us know how we can help make the interview process fair to your needs.

Apply for this Job

* Required

First Name

Last Name

Phone

Resume/CV

Attach Dropbox Google Drive Paste

Cover Letter

Attach Dropbox Google Drive Paste

LinkedIn Profile

How did you hear about this job?

Will you now or in the future require sponsorship for an immigration-related employment benefit?

For purposes of this question, "sponsorship for an immigration-related employment benefit" means "an H-1B, O-1, E-3, TN or 'job flexibility benefit' (I-140 portability or Adjustment of Status portability) for adjustment status applications pending for 180 days or longer.

U.S. Equal Opportunity Employment Information (Completion is voluntary)

Individuals seeking employment at Care/of are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation. You are being given the opportunity to provide the following information in order to help us comply with federal and state Equal Employment Opportunity/Affirmative Action record keeping, reporting, and other legal requirements.

Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

Gender

Are you Hispanic/Latino?

Please identify your race

Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Veteran Status

Form CC-305

OMB Control Number 1250-0005

Expires 05/31/2023

Voluntary Self-Identification of Disability

Why are you being asked to complete this form?

We are a federal contractor or subcontractor required by law to provide equal employment opportunity to qualified people with disabilities. We are also required to measure our progress toward having at least 7% of our workforce be individuals with disabilities. To do this, we must ask applicants and employees if they have a disability or have ever had a disability. Because a person may become disabled at any time, we ask all of our employees to update their information at least every five years.

Identifying yourself as an individual with a disability is voluntary, and we hope that you will choose to do so. Your answer will be maintained confidentially and not be seen by selecting officials or anyone else involved in making personnel decisions. Completing the form will not negatively impact you in any way, regardless of whether you have self-identified in the past. For more information about this form or the equal employment obligations of federal contractors under Section 503 of the Rehabilitation Act, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

You are considered to have a disability if you have a physical or mental impairment or medical condition that substantially limits a major life activity, or if you have a history or record of such an impairment or medical condition.

Disabilities include, but are not limited to:

Autism
Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, or HIV/AIDS
Blind or low vision
Cancer
Cardiovascular or heart disease
Celiac disease
Cerebral palsy
Deaf or hard of hearing
Depression or anxiety
Diabetes
Epilepsy
Gastrointestinal disorders, for example, Crohn's Disease, or irritable bowel syndrome
Intellectual disability
Missing limbs or partially missing limbs
Nervous system condition for example, migraine headaches, Parkinson’s disease, or Multiple sclerosis (MS)
Psychiatric condition, for example, bipolar disorder, schizophrenia, PTSD, or major depression

Disability Status

¹Section 503 of the Rehabilitation Act of 1973, as amended. For more information about this form or the equal employment obligations of Federal contractors, visit the U.S. Department of Labor's Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.

Senior Security Engineer