Python Security Engineer

We’re looking for an engineer to be the point person for our application and infrastructure-level security at Doctor On Demand. Currently, these duties are split between the CTO and CSO and backed by an engineering and IT team that is security-conscious and takes our stewardship of people’s health information very seriously. A successful candidate for this position will be comfortable evaluating existing code and architecture for vulnerabilities, ensuring that we continue to implement SDLC best practices, and managing our penetration testing pipeline.

This hire will have a huge opportunity to influence the overall direction of this part of the company and will report directly to the CSO.

Responsibilities:

Manage the application and infrastructure security of our HIPAA-compliant platform
Triage, verify and manage resolution of all issues identified via our continuous penetration testing partnership with Synack
Be the primary point of contact for the Security email address
Advise the CSO, CTO, and VP of Engineering on security tooling and best practices
Organize and implement Red Team / Blue Team exercises
Educate the engineering and IT teams on security best practices
Track and audit software dependencies; ensure all security patches are applied
Improve our existing SDLC and breach detection and recovery processes
Produce documentation for security audits and certifications (e.g. HITRUST)
Review pull requests related to authorization / authentication and other sensitive areas
Evaluate technical architecture proposals from a security perspective

Requirements:

Expertise in web application security (OWASP Top 10)
Experience working with Django and Python
Experience with cloud security best practices
Knowledge of SDLC best practices
Ability to identify the root cause of an issue and follow up with the appropriate team members
Experience mapping security controls to audit requirements
Strong interpersonal and oral / written communication skills
Experience working in a HIPAA-compliant environment
Experience securing containerized applications managed with Kubernetes on GCP
Experience with HITRUST certifications

Bonus Points:

Be a core leading member of a small, elite product/engineering team
Be part of a startup that is gaining national recognition and improving healthcare for millions of people
Flexible work hours and fun, fast-paced environment
Strong remote and work-from-home culture
Full benefits + competitive compensation
Unlimited PTO, wellness allowance and others

Posted: July 14, 2019
