Chicago, IL

Application Security Engineer



Job Description

Avaneer Health's mission is to unlock the potential of healthcare to do more for people. Built on blockchain technology to ensure privacy and reduce the costs of data exchange, we serve providers of services across the healthcare industry. Avaneer Health is a member-based, secure and open network supporting utilities developed for and by the healthcare industry. We will play a key role in transforming how the industry operates to address consumers' needs more effectively by removing administrative barriers and other inefficiencies that disrupt delivery of care.

Please note: Avaneer Health will never ask you for your banking information or send you a check to purchase equipment.

Avaneer Health is seeking an Application Security Engineer who will be responsible for improving the security of Avaneer applications and supporting technology platforms. This is a remote position and can be based anywhere in the US.

We are looking for a motivated, self-sufficient individual capable of hitting the ground running. As an Avaneer Health Security Team member, solid communication skills and a strong sense of accountability are critical.

Initially, this role will serve as a security subject matter expert in a consultative capacity with the development teams through the software engineering process. The primary task will be to build security best practices into the software development lifecycle by way of:

  • Engaging with developers daily on various projects.
  • Creating processes and developing secure coding practices, policies, standards, and procedures.
  • Conduct security reviews and remediation at various stages of the SDLC.
  • Implementing new technologies and solutions.

Responsibilities

  • Participate in and support application security reviews and threat modeling, including code review and dynamic testing.
  • Own and perform application security vulnerability management.
  • Facilitate and support the preparation of security releases.
  • Support and consult with product and development teams in application security.
  • Assist in the creation of security training.
  • Assist in developing automated security testing programs to validate “coding best practices.”

Requirements

  • a Minimum of 5 years Experience with Application Security Testing/Scanning
  • Experience with Version Control and SDLC
  • Experience with Bitbucket, Atlassian, Git
  • Experience with mTLS
  • Experience with Containers: Kubernetes, Docker.
  • AWS and Azure Cloud experience
  • Experience with OWASP and standard security tools.
  • Experience with YAML, Go code, JSON, HCL terraform, Blockchain (Hyperledger Fabric)
  • Experience with shared security libraries, security controls, and common security flaws.
  • Thorough understanding of automation tools such as CloudFormation, Terraform.
  • A thorough understanding of network and web-related protocols (such as DNS, TCP/IP, UDP, HTTP, HTTPS, protocols).
  • Professional communication skills, both written and verbal, with an ability to articulate complex topics clearly and concisely.
  • Experience identifying security issues through code review.
  • Develop security training and socialize the material with internal development teams.

Powered by JazzHR

Xjxzo1EX6j

Recommended Skills

  • Amazon Web Services
  • Application Security
  • Bitbucket
  • Blockchain
  • Cloud Computing
  • Cloudformation
Click here to apply
Browse other jobs
« Finance Operations Analyst
OTR Driver »