Senior Security Engineer
3 weeks ago
Hinge Health Hybrid Model:
We believe that remote work and in-person work have their own advantages and disadvantages, and we want to be able to leverage the best of both worlds. Employees in hybrid roles are required to be in the office 2 days/week. We will be expanding to 3 days/week in the office beginning April of 2024.
About the Role
We’re looking for a detail oriented and technically proficient individual to join us in maturing the Product Security group within the Security team. This function is growing, and you will have an opportunity to help shape the group's direction and grow with it. Security Engineers work directly with our Product and Engineering teams to integrate security into the entire Software Development Life Cycle. This includes, working with Product Managers on the design of new or changing features that affect security controls, working with developers on secure methods to implement those features, and working with the infrastructure team to design and deploy a secure platform to run Hinge Health applications. They are expected to proactively identify, assess, advise and assist in the prioritization and remediation of source code security vulnerabilities. Security Engineers are expected to do so using multiple methods and tools including but not limited to manual penetration testing, outputs from automated security scanning tools including Software Composition Analysis, Static Application Security Testing, Dynamic Application Security Testing, and the findings from third-party application penetration tests. Security Engineers also work with the Security Operations and Infrastructure teams to deploy and maintain security tools within the Hinge Health environment and assist in the tuning of these tools. Security Engineers may also advise or implement the proper security controls on cloud platforms as required to meet security and compliance standards. Security Engineers will be part of the incident response team as subject matter experts as needed. They may also be called upon as subject matter experts to assist other teams with third party security assessment requests.The ideal candidate will have experience securing, hardening, and identifying vulnerabilities in web applications, RESTful APIs, and mobile applications (iOS and Android) in a cloud hosted microservice environment. We are looking for an individual who can take a risk-based approach to prioritizing the various aspects of a successful product security program. They should be ready to independently jump in to ask questions and understand the environment and identify potential issues while balancing their findings based on risk and company priorities.The ideal candidate will also have experience implementing and interpreting the results of automated security scans using SCA, SAST and DAST tools and in performing security assessments and penetration tests of web applications and API endpoints and mobile applications They will also have experience assessing the security of cloud(IaaS) infrastructure, ideally including interpreting automated static scans of Infrastructure as Code should be enthusiastic about working to help improve all aspects of the Software Development Life Cycle and working with product managers to create a secure and delightful experience for Hinge Health customers.WHAT YOU’LL ACCOMPLISH
Implement automated security scanning tools and perform manual security assessments including source code review to harden Hinge Health web applications and API microservices.Enable the product teams to create secure by design product features and services by working alongside product managers and engineers during the design phase of projects.Assist with third party security assessments and penetration tests of Hinge Health web applications, API endpoints, and mobile applications, including interpretation of results and verification of remediations.Contribute to the improvement of Software Development Life Cycle management policies, procedures, and standards.
WHAT WE'RE LOOKING FOR
Automated Security Testing: Ability to configure and automate security scans as part of the CI/CD process, interpret the results and work directly with engineers on prioritization and remediation.Secure Coding Practices: Ability to examine source code in multiple languages to evaluate controls. Be able to identify common coding and design vulnerabilities. Deep understanding of OWASP Top 10 and other common security flaws.Communication: Ability to partner with engineers and product managers to implement security by design.Judgment: Ability to assess the risk of vulnerabilities, tradeoffs in designs, etc. to categorize and prioritize remediation work.Incident Handling: Be able to work as a subject matter expert in the security controls, internal communications, and infrastructure of Hinge Health applications during security incidents.Proactive: Enjoys proactively, asking questions and examining systems and processes for possible flaws and reaching out to relevant teams to identify and verify vulnerabilities that may not have been found by automated scanning and schedule manual reviews.
BONUS
Experience securing applications in Health Care, securing ePHI and HIPAA/HITECH regulations.Familiarity with HITRUST CSF and NIST control frameworks.Experience in Threat ModelingExperience performing security assessments and secure design of hardware and firmware of medical devices communicating over BluetoothExperience with any of the following, deploying web based services on AWS infrastructure, Kubernetes, Typescript, ReactNative, Ruby on Rails, GraphQL, IaC using Terraform.
-
Senior Engineer
2 days ago
Bengaluru, India First Advantage Full timeWho You Are:You are self-motivated and ready to “roll up your sleeves." While you are an independent contributor, you are also collaborative. You can spearhead a project and see it through from start to completion.As a team player, you navigate cross-functional teams and work well with team members in other business units and departments toward a common...
-
Senior Engineering Manager
4 weeks ago
Bengaluru, India Rippling Full timeAbout RipplingRippling is the first way for businesses to manage their HR & IT—payroll, benefits, computers, apps, and more—in one unified workforce platform.By connecting every business system to one source of truth for employee data, businesses can automate the manual work they normally need to do to make employee changes. Take onboarding, for example....
-
Senior Engineering Manager
4 weeks ago
Bengaluru, India Rippling Full timeAbout RipplingRippling is the first way for businesses to manage their HR & IT—payroll, benefits, computers, apps, and more—in one unified workforce platform.By connecting every business system to one source of truth for employee data, businesses can automate the manual work they normally need to do to make employee changes. Take onboarding, for example....
-
Senior Engineer
4 weeks ago
Bengaluru, India First Advantage Full timeWho You Are: You are self-motivated and ready to “roll up your sleeves." While you are an independent contributor, you are also collaborative. You can spearhead a project and see it through from start to completion. As a team player, you navigate cross-functional teams and work well with team members in other business units and departments toward a common...
-
Senior Engineering Manager
4 weeks ago
Bengaluru, India Rippling Full timeAbout Rippling Rippling gives businesses one place to run HR, IT, and Finance. It brings together all of the workforce systems that are normally scattered across a company, like payroll, expenses, benefits, and computers. For the first time ever, you can manage and automate every part of the employee lifecycle in a single system. Take onboarding, for...
-
Senior Application Security Engineer
3 weeks ago
Bengaluru, India Zynga Full timeAVAILABLE POSITIONS Senior Application Security EngineerCareers Category:EngineeringCareers location:Bengaluru, IndiaConnected Worker Type:ConnectedR_111904Job Summary:We are currently seeking a Senior Application Security Engineer to join our Product Security team. The team assesses, enables, and influences the secure design, development, operation and...
-
Senior Engineer, Security Engineering
2 days ago
Bengaluru, India News Corp Full timeJob Description:Job Title:Senior Engineer, Security EngineeringJob Location:Bengaluru, KarnatakaWork Arrangement:Hybrid (3 days per week in office)Responsibilities:Build automation to provide for cybersecurity, CI/CD or similar applicationsExpected to be aware of IaaS, SaaS and PaaS technologies and have the ability to learn new services and techniques...
-
Senior Engineer, Security Engineering
4 weeks ago
Bengaluru, India News Corp Full timeJob Description : Job Title: Senior Engineer, Security Engineering Job Location: Bengaluru, Karnataka Work Arrangement: Hybrid (3 days per week in office) Responsibilities: Build automation to provide for cybersecurity, CI/CD or similar applications Expected to be aware of IaaS, SaaS and PaaS technologies and have the ability to...
-
Senior Engineering Manager
4 weeks ago
Bengaluru, India Rippling Full timeAbout Rippling Rippling is the first way for businesses to manage their HR & IT—payroll, benefits, computers, apps, and more—in one unified workforce platform. By connecting every business system to one source of truth for employee data, businesses can automate the manual work they normally need to do to make employee changes. Take onboarding, for...
-
Senior Engineering Manager
1 month ago
Bengaluru, India Rippling Full timeAbout Rippling Rippling is the first way for businesses to manage their HR & IT—payroll, benefits, computers, apps, and more—in one unified workforce platform.By connecting every business system to one source of truth for employee data, businesses can automate the manual work they normally need to do to make employee changes. Take onboarding, for...
-
Senior Engineering Manager
4 weeks ago
Bengaluru, India Rippling Full timeAbout Rippling Rippling is the first way for businesses to manage their HR & IT—payroll, benefits, computers, apps, and more—in one unified workforce platform.By connecting every business system to one source of truth for employee data, businesses can automate the manual work they normally need to do to make employee changes. Take onboarding, for...
-
Senior Security Engineer
3 weeks ago
Bengaluru, India Ethos Full timeAbout EthosEthos was built to make it faster and easier to get life insurance for the next million families. Our approach blends industry expertise, technology, and the human touch to find you the right policy to protect your loved ones.We leverage deep technology and data science to streamline the life insurance process, making it more accessible and...
-
Senior Security Engineer
4 weeks ago
Bengaluru, India HappyFox Full timeWe’re looking for an experienced Security Engineer with at-least 5+ years of experience to join our Product Engineering teams to help keep our products secure.Responsibilities: Perform manual and automated application penetration tests and provide suggestions to harden our productsParticipate regularly in development and release process to identify and...
-
Senior Security Engineer
12 hours ago
Bengaluru, India Flipkart Full timeAbout the team: The Security Standards team is a part of the central Information security function which is primarily responsible for security standards, secure configuration reviews, architecture reviews, validating efficacy and efficiency of the existing security controls, threat modeling, assessment of the various security controls / technologies based...
-
Senior Security Engineer
4 weeks ago
Bengaluru, India Ethos Full timeAbout Ethos Ethos was built to make it faster and easier to get life insurance for the next million families. Our approach blends industry expertise, technology, and the human touch to find you the right policy to protect your loved ones. We leverage deep technology and data science to streamline the life insurance process, making it more accessible...
-
Senior Software Engineer
2 weeks ago
Bengaluru, India Cephas Consultancy Services Private Limited Full timeOur team has partnered with a company in the robotics sector area to provide them with high-quality candidates for their software engineering department. We commit to fast responses and complete transparency throughout your entire job search. We look forward to working with you. Job Overview :This company is looking to expand its offerings and is looking for...
-
Senior Security Engineer
2 weeks ago
Bengaluru, India Navi Full timeAbout NaviNavi is one of the fastest-growing financial services companies in India providing Personal & Home Loans, UPI, Insurance, Mutual Funds, and Gold. Navi's mission is to deliver digital-first financial products that are simple, accessible, and affordable. Drawing on our in-house AI/ML capabilities, technology, and product expertise, Navi is dedicated...
-
Senior Security Engineer
2 weeks ago
Bengaluru, India Navi Full timeAbout NaviNavi is one of the fastest-growing financial services companies in India providing Personal & Home Loans, UPI, Insurance, Mutual Funds, and Gold. Navi's mission is to deliver digital-first financial products that are simple, accessible, and affordable. Drawing on our in-house AI/ML capabilities, technology, and product expertise, Navi is dedicated...
-
Senior Identity and Security Engineer
15 hours ago
Bengaluru, India Unity Full timeRole DescriptionThe opportunityJoin our dynamic IT team at Unity, a leading software company renowned for innovation and excellence. As a Senior Okta and Identity Engineer, you will play a pivotal role in shaping the security and identity management landscape of our organization. This position offers the unique opportunity to work on cutting-edge...
-
Cyber Security Engineer
3 days ago
Bengaluru, India Mindsprint Full timePosition: Sr Engineer /Lead Engineer - Cyber SecurityLocation: Chennai/BangaloreSummary:We're seeking a seasoned Senior Cyber Security Engineer with 6-8 years of experience to fortify our team. Your role involves ensuring the security of cloud infrastructure and applications through meticulous assessment and implementation of robust security measures.Key...
