Cloud Application Security Engineer / Architect
HeartFlow, Colombia

Experience
1 Year
Salary
0 - 0
Job Type
Full Time Job
Job Shift
Morning Job
Job Category
IT
Traveling
No
Career Level
Non-Managerial
Telecommute
No
Qualification
As mentioned in job details
Total Vacancies
1 Job
Posted on
Oct 13, 2021
Last Date
Nov 13, 2021
Location(s)
California, Colombia

Job Description

HeartFlow is a Software as a Service (SaaS) medical device company. We use cutting-edge technology (deep learning, computational fluid dynamics, cloud-based computing) combined with advanced clinical expertise to revolutionize the treatment of coronary artery disease. We have an exciting and challenging opportunity for a talented, highly experienced, Cloud Application Security Engineer (or Architect depending on experience level) with significant hands-on code review, architecture design and analysis experience to help continue to improve the security of our software offerings and continue to shape the foundation and mature our application security program.The Cloud Application Security Engineer is a senior level position that reports directly to the Cloud Security Engineering Manager, but works closely with development teams, product teams, and other teams across the organization to integrate security into the product lifecycle from design through deployment. The Cloud Application Security Engineer is a subject matter expert in defining security requirements, performing application security assessments, and providing developers with remediation guidance and advice. On any given day the Cloud Application Security Engineer can be pulled in to evaluate a new product design, review a proposed network architecture change, or provide guidance on application security coding best practices.
Work independently with developers, system/network administrators, product owners, and other colleagues to ensure secure design, development, and implementation of applications and networks#LI-IB1Job Responsibilities:
  • Perform security design reviews of our products suite (primarily cloud)

  • Perform code analysis of large applications, manually and using SAST and DAST scanning solutions as well as conducting manual vulnerability analysis

  • Provide remediation guidance and recommendations to developers and administrators

  • Interface with the Customer Success team to discuss and track security feature enhancement requests from our global customers

  • Work with Product Development teams to help prioritize and validate urgency of mitigation of identified product vulnerabilities and security feature enhancement requests

  • Define security best practices and standards and ensure Product Development teams understand them and receive pertinent annual secure coding training

  • Collaborate / work closely with DevOps, SecOps in securing the AWS environment
Skills Needed
  • Experience working with development teams to build secure solutions

  • Experience breaking down complex systems and applications to find flaws

  • Experience as an Application/Product Security Engineer, Engineer or Developer

  • Proficiency in reading, writing, and auditing Python or Javascript and the ability to pick up new languages/technologies

  • Strong familiarity with common vulnerabilities and attack vectors

  • Knowledge of web service technologies, load balancer services (i.e. Nginx, Cloudflare, F5, etc.) and RESTful APIs

  • Solid understanding of secure network and system design in both cloud (AWS, Azure, etc.) and conventional environments

  • The ability to communicate complicated technical issues and the risks they pose to developers, network engineers, system administrators, and management

  • Excellent written and verbal communication skills, interpersonal and collaborative skills

  • Must be a critical thinker, with strong problem-solving skills

  • High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity

  • Self-starter, positive attitude, ability to work independently, enjoys learning and staying current with industry developments, regulations and best practices.
Preferred Experience:
  • Experience using a Cloud Security and Posture Management solution (i.e. CloudGuard)

  • Familiarity with the NIST Secure Software Development Framework (SSDF)

  • A background integrating security testing into the SDLC (preferably the SCRUM framework)

  • Experience providing security training to developers

  • Prior work as a consultant at a highly technical information security consultancy

  • Previous work as a technical security Engineer or related security role in a company where there is a commitment to information security and technology

  • Additional programming languages such as Java, Python, Object

  • Demonstrated experience using DAST and SAST tools and services

Location: Redwood City, CA (Pref

Job Specification

Job Rewards and Benefits

More Jobs like this Job

Jobs in California Colombia
Jobs in this company

HeartFlow

Information Technology and Services - London, United Kingdom
© Copyright 2004-2024 Mustakbil.com All Right Reserved.