We are seeking a Senior Security Engineer to secure our SDLC and CI/CD pipelines, and improve the overall posture of our organization. As a Senior Security Engineer, you will implement our vulnerability management and penetration testing programs across production applications and infrastructure, track and mitigate risks caused by dependencies, and collaborate with our Engineering Team to push patches identified by such.

Our ideal candidate will have a minimum of 5 years of experience in information systems, with a relevant credential and/or education to match. You need to be proficient with development operations best practices (ie: OWASP Top 10, NIST CSF, etc.), with experience in security engineering and administration. In addition, you will have excellent written and oral communication skills and in discussing technical information with both technical and non-technical audiences. 

Responsibilities

  • Design solutions and processes to identify, resolve and mitigate security vulnerabilities and risks
  • Research threats and attack vectors that impact Overjet’s applications and infrastructure
  • Devise and bolster defense-in-depth through secure-by-default frameworks, architectures and processes
  • Mentor and share security and privacy best practices with all parts of the organization

Qualifications

  • An affinity and experience with an automation and development-based approach for security controls
  • Strong threat modeling abilities for security risks
  • Technical architecture and leadership experience in developing security control strategies, iterative design, and product ownership
  • Strong collaboration skills to work with a range of stakeholders from engineers, clinicians, and partners around the world
  • Strong desire to take ownership of problems and act on them independently in a rapidly evolving environment
  • A continual desire to inform, evangelize and educate others through strong written and verbal communications

Bonus

  • Proficient with GCP or other cloud platforms, Github, Jira
  • Knowledge with Okta, Google, Jamf, macOS, Slack, Zoom
  • Experience working at a healthcare organization
  • Knowledge of regulatory compliance frameworks: HITRUST, FDA, ISO 2700X, SOC 2
  • BS Computer Science, Information Systems, or Cybersecurity
  • Certifications: CCSP, CSSLP, CISSP, HCISPP

Apply for this Job

* Required