Lead App Security Engineer

2 weeks ago

bangalore, India Hinge Health Full time
Hinge Health is moving people beyond pain by transforming the way it is treated and prevented. Connecting people digitally and in-person with expert clinical care, we combine advanced technology, AI and a care team of experts to guide people through personalized care directly from their phone. Our approach is proven to reduce pain by 68%, prevent 42% of new opioid prescriptions, and avoid more than half of joint replacement surgeries. Available to 18M people, Hinge Health is trusted by leading health plans and employers, including Land O’Lakes, Bean, Salesforce, Self-Insured Schools of California, Southern Company, State of New Jersey, US Foods, and Verizon.Learn more at Here at Hinge Health, we welcome all applicants and know a diverse team makes us better and stronger. We look for individuals who embody our leadership principles and we value varied experiences and skill sets. Beyond specific work experience, we also look for unique capabilities and skill sets that are key indicators an applicant will thrive in our fast-paced, frequently evolving environment. If this sounds like the kind of place you’d like to be part of, please apply - we would love to hear from you Hinge Health Hybrid Model: We believe that remote work and in-person work have their own advantages and disadvantages, and we want to be able to leverage the best of both worlds. Employees in hybrid roles are required to be in the office 3 days/week. About the Role We’re looking for a detail oriented and technically proficient individual to join us in maturing the Product Security group within the Security team. This function is growing, and you will have an opportunity to help shape the group's direction and grow with it.Security Engineers work directly with our Product and Engineering teams to integrate security into the entire Software Development Life Cycle. This includes working with Product Managers on the design of new or changing features that affect security controls, working with developers on secure methods to implement those features, and working with the infrastructure team to design and deploy a secure platform to run Hinge Health applications.In this role you will be expected to proactively identify, assess, advise and assist in the prioritization and remediation of source code security vulnerabilities. Security Engineers are expected to do so using multiple methods and tools including but not limited to manual penetration testing, outputs from automated security scanning tools including Software Composition Analysis, Static Application Security Testing, Dynamic Application Security Testing, and the findings from third-party application penetration tests.Security Engineers also work with the Security Operations and Infrastructure teams to deploy and maintain security tools within the Hinge Health environment and assist in the tuning of these tools. Security Engineers may also advise or implement the proper security controls on cloud platforms as required to meet security and compliance standards.Security Engineers will be part of the incident response team as subject matter experts as needed. You may also be called upon as subject matter experts to assist other teams with third party security assessment requests. The ideal candidate will have experience securing, hardening, and identifying vulnerabilities in web applications, RESTful APIs, and mobile applications (iOS and Android) in a cloud hosted microservice environment. We are looking for an individual who can take a risk-based approach to prioritizing the various aspects of a successful product security program. You should be ready to independently jump in to ask questions and understand the environment and identify potential issues while balancing their findings based on risk and company priorities.The ideal candidate will also have experience implementing and interpreting the results of automated security scans using SCA, SAST and DAST tools and in performing security assessments and penetration tests of web applications and API endpoints and mobile applications. They will also have experience assessing the security of cloud(IaaS) infrastructure, ideally including interpreting automated static scans of Infrastructure as Code source. The individual should have experience in adding security processes to all aspects of the Software Development Life Cycle and create Secure SDLC policies and procedures.This individual should enjoy working with product managers to create a secure and delightful experience for Hinge Health customers.

WHAT YOU’LL ACCOMPLISH

Update and mature our Secure Software Development Lifecycle policies and procedures and standards Implement automated security scanning tools and perform manual security assessments including source code review to harden Hinge Health web applications and API microservices Enable the product teams to create secure by design product features and services by working alongside product managers and engineers during the design phase of projects Assist with third party security assessments and penetration tests of Hinge Health web applications, API endpoints, and mobile applications, including interpretation of results and verification of remediations

BASIC QUALIFICATIONS

4+ years of experience in Security Engineering 3+ years experience in Automated Security Testing 3+ year experience in Secure Coding Practices 3+ years of experience securing web applications and public API endpoints OR securing mobile applications (iOS, Android)

PREFERRED QUALIFICATIONS

1+ year experience writing or significantly updating Secure Software Development Lifecycle documentation (Policies, Procedures, Standards, Work Instructions) 1+ year experience making risk based security decisions, for example changing vulnerability severity scores based on environment, determining if compensating controls sufficiently mitigate risks, and security control design decisions 1+ year of experience in securing applications in Health Care, securing ePHI and HIPAA/HITECH regulationsFamiliarity with HITRUST CSF and NIST control frameworks 1+ year of experience in Threat Modeling 1+ year of experience in performing security assessments and secure design of hardware and firmware of medical devices communicating over Bluetooth 1+ year of experience in any of the following, deploying web based services on AWS infrastructure, Kubernetes, Typescript, ReactNative, Ruby on Rails, GraphQL, IaC using Terraform

  • IT Infra Lead Security Engineer

    13 hours ago

    bangalore, India Guidewire Software Full time

    IT Infra Lead Security EngineerIndia - Bangalore Business Technology /Full-Time /On-SiteSecurity Engineer will implement security strategy and operations within an organization. They also need to know how to assess security risks, test systems and networks, and investigate and respond to security events. Identity and access management, data protection, and...

  • Lead - IT Security Engineer

    2 weeks ago

    bangalore, India Bosch Full time

    Job Description Role : Lead IT Security Engineer  You will lead the planning and implementation of Security Engineering Process across projects/programs. In the process, you will have to build seamless security and define how developers view security, eliminate friction and improve Security natively.  You will work closely with other Security...

  • Lead - IT Security Engineer

    2 months ago

    bangalore, India Bosch Full time

    Job Description Role : Lead IT Security Engineer  You will lead the planning and implementation of Security Engineering Process across projects/programs. In the process, you will have to build seamless security and define how developers view security, eliminate friction and improve Security natively.  You will work closely with other Security...

  • IT Infra Lead Security Engineer

    2 days ago

    bangalore, India Guidewire Software Full time

    IT Infra Lead Security Engineer India - Bangalore Business Technology /Full-Time /On-Site Security Engineer will implement security strategy and operations within an organization. They also need to know how to assess security risks, test systems and networks, and investigate and respond to security events. Identity and access management, data protection,...

  • RSA - Application Security Engineer

    2 weeks ago

    bangalore, India RSA Security Full time

    RSA - Application Security Engineer Location: Remote India RSA offers mission-driven security solutions that provide organizations with a unified approach to managing digital risk that hinges on integrated visibility, automated insights and coordinated actions. RSA solutions are designed to effectively detect and respond to advanced attacks;...

  • RSA - Application Security Engineer

    1 month ago

    bangalore, India RSA Security Full time

    RSA - Application Security Engineer Location: Remote India RSA offers mission-driven security solutions that provide organizations with a unified approach to managing digital risk that hinges on integrated visibility, automated insights and coordinated actions. RSA solutions are designed to effectively detect and respond to advanced attacks;...

  • Netwitness Product Senior Security Engineer

    1 month ago

    bangalore, India RSA Security Full time

    Responsibilities• Work on any number of security and identity related areas and products• Build systems for detecting anomalous activities within the product• Develops and administers software engineering procedures and training for vulnerability scans and static code analysis• Analyse vulnerability report of various SCA and SAST scan tools like,...

  • Lead Cyber Security Engineer

    4 weeks ago

    bangalore, India Resillion Full time

    Job DescriptionTitle: Lead SIEM Engineer Experience Range: 9-14 Years  Location: Bangalore About You: The successful candidate will be a passionate information security professional with the ability to communicate to different business and IT leaders. The candidate will demonstrate drive, intelligence, maturity, and energy and will have a proven...

  • Senior Engineering Manager

    2 weeks ago

    bangalore, India Rippling Full time

    About RipplingRippling is the first way for businesses to manage their HR & IT—payroll, benefits, computers, apps, and more—in one unified workforce platform.By connecting every business system to one source of truth for employee data, businesses can automate the manual work they normally need to do to make employee changes. Take onboarding, for example....

  • RSA Senior Software Engineer

    1 week ago

    bangalore, India RSA Security Full time

    RSA Senior Software Engineer - iOS RSA provides trusted identity and access management for 12,000 organizations around the world, managing 25 million enterprise identities and providing secure, convenient access to millions of users. RSA specializes in empowering security-first organizations in financial services, healthcare, energy, technology...

  • Lead Security Engineer

    2 days ago

    bangalore, India Shell Recharge Solutions Full time

    Shell Recharge Solutions is seeking a Lead Security Engineer Shell Recharge Solutions is looking for a Lead Security Engineer to join our team. The ideal candidate will be member of the information security team that works closely with other members of the team, the business, and other IT staff to develop and manage security for one or more IT functional...

  • Team Lead Power Apps

    2 weeks ago

    bangalore, India Hemmersbach Full time

    Your skills C1 English & experienced in a leadership role, managing technical teams, and overseeing technology projects Deep knowledge of Power Apps and Power Automate, including creating apps, automating workflows Deep knowledge of data modelling, SQL, and experience with data analysis tools Intense familiarity with APIs for integration...

  • Team Lead Power Apps

    1 month ago

    bangalore, India Hemmersbach Full time

    Your skills C1 English & experienced in a leadership role, managing technical teams, and overseeing technology projects Deep knowledge of Power Apps and Power Automate, including creating apps, automating workflows Deep knowledge of data modelling, SQL, and experience with data analysis tools Intense familiarity with APIs for integration...

  • Azure Cloud Engineer

    2 months ago

    Bangalore, India ARR Recruitment Solutions Full time

    Job Responsibilities :Azure Cloud Engineer Primary skill : - Azure Logic App, Azure Function App,Python, Azure Services.Secondly skill: - Power Automate, UIPath , Azure Form Recognizer, MLOps.Detailed :- Hands-on development of integration workflows using Azure Logic Apps, Function Apps, Power Automate, and UIPath.- Implement robust and scalable solutions...

  • Cloud Native App Developer

    2 weeks ago

    bangalore, India Infogain Full time

    Cloud Native App Developer (Lead) with skills .NET Core, Core Java, Spring Boot Microservices, .NET Web API (restful APIs), Java Webservices, Spring, Spring Boot, AWS-Apps, Azure-Apps, Microservices Architecture for location Any Infogain Base Location (Noida, Gurugram, Bangalore, Mumbai, Pune) Posted on: June 07, Share on Linkedin Share on Twitter...

  • Software Engineering Manager, App

    2 weeks ago

    bangalore, India Wayfair Full time

    Wayfair believes everyone should live in a home they love. Through technology and innovation, we make it possible for shoppers to quickly and easily find exactly what they want from a selection of more than 14 million items across home furnishings, décor, home improvement, housewares, and more. Partnering with Product, Experience Design, Analytics, and...

  • Software Engineering Manager, App

    4 weeks ago

    bangalore, India Wayfair Full time

    Wayfair believes everyone should live in a home they love. Through technology and innovation, we make it possible for shoppers to quickly and easily find exactly what they want from a selection of more than 14 million items across home furnishings, décor, home improvement, housewares, and more. Partnering with Product, Experience Design, Analytics, and...

  • Staff Product Security Engineer

    2 weeks ago

    bangalore, India Rippling Full time

    About Rippling Rippling is the first way for businesses to manage all of their HR & IT—payroll, benefits, computers, apps, and more—in one unified workforce platform. By connecting every business system to one source of truth for employee data, businesses can automate all of the manual work they normally need to do to make employee changes. Take...

  • Staff Product Security Engineer

    4 weeks ago

    bangalore, India Rippling Full time

    About Rippling Rippling is the first way for businesses to manage all of their HR & IT—payroll, benefits, computers, apps, and more—in one unified workforce platform. By connecting every business system to one source of truth for employee data, businesses can automate all of the manual work they normally need to do to make employee changes. Take...

  • Lead Security Engineer

    3 days ago

    Bangalore Urban, India Shell Recharge Solutions Full time

    Shell Recharge Solutions is seeking a Lead Security EngineerShell Recharge Solutions is looking for a Lead Security Engineer to join our team. The ideal candidate will be member of the information security team that works closely with other members of the team, the business, and other IT staff to develop and manage security for one or more IT functional...