Security Engineer
Published: 1 month ago
![Avatar for Nomi Health](/cdn-cgi/image/width=112,height=112,fit=scale-down,gravity=0.5x0.5,quality=90,format=auto/https://photos.wellfound.com/startups/i/8693029-04bad0eb9610ffe6c63a1ef789a67307-medium_jpg.jpg)
Nomi Health
We cut out the middleman to lower the cost of healthcare
The Role
We are seeking a Security Engineer to join our team in Austin, Texas. We are committed to ensuring the security and integrity of our systems. You will contribute to both front-end and back-end development processes. You will address a wide range of security challenges across our entire software stack, ensuring our applications and services are protected against the latest threats.
How you will make an impact
- Collaborate with development teams to integrate security best practices within the software development lifecycle (SDLC).
- Perform security reviews, threat modeling, and risk assessments to identify potential vulnerabilities.
- Design and implement effective security controls to mitigate identified risks.
- Enhance security for user interfaces (UI) by addressing potential design flaws, ensuring robust input validation, and securing authentication mechanisms.
- Apply best practices for security across client-side components to maintain an optimal balance between user experience and security.
- Secure back-end functions including data storage and overall system performance.
- Develop and enforce security measures around data protection, access control, and authentication.
- Address security issues related to APIs, databases, and server-side logic.
- Maintain close collaboration with both front-end and back-end development teams to ensure security measures are pervasive and effective.
- Articulate security requirements and participate actively in code reviews, offering expert advice and security guidance.
- Respond swiftly to security incidents and conduct debugging to resolve security-related issues.
- Continuously improve the security posture of our applications by updating and refining security measures.
What we are looking for
- Hybrid working onsite 3 days a week Tuesday, Wednesday, and Friday is required.
- Bachelor's degree in Computer Science, Information Security, or a related field or equivalent work experience.
- 3+ years of experience in software development with a focus on security.
- Proficiency in programming languages such as Python, JavaScript, C, Node, Go, and SQL.
- Familiarity with security tools and frameworks such as OWASP Top 10, Burp Suite, and Metasploit.
- Strong understanding of secure coding practices and common vulnerabilities.
- Experience with conducting security reviews, threat modeling, and risk assessments.
- Excellent communication skills and ability to collaborate effectively with cross-functional teams.
- Passion for staying up-to-date with security trends and best practices.