Lead Application Security Engineer

We are united in our mission to make a positive impact on healthcare. Join Us!

• South Florida Business Journal, Best Places to Work 2024
• Inc. 5000 Fastest-Growing Private Companies in America 2024
• 2024 Black Book Awards, ranked #1 EHR in 11 Specialties
• 2024 Spring Digital Health Awards, “Web-based Digital Health” category for EMA Health Records (Gold)
• 2024 Stevie American Business Award (Silver), New Product and Service: Health Technology Solution (Klara)

Who we are:

We Are Modernizing Medicine (WAMM)! We’re a team of bright, passionate, and positive problem-solvers on a mission to place doctors and patients at the center of care through an intelligent, specialty-specific cloud platform. Our vision is a world where the software we build increases medical practice success and improves patient outcomes. Founded in 2010 by Daniel Cane and Dr. Michael Sherling, we have grown to over 3400 combined direct and contingent team members serving eleven specialties, and we are just getting started! ModMed is based in Boca Raton, FL, with office locations in Santiago, Chile, Berlin, Germany, Hyderabad, India, and a robust remote workforce with team members across the US.

ModMed is hiring a Lead Application Security Engineer to champion the security of our applications across the organization. This role will be responsible for implementing, managing, and maturing our application security program, with a focus on rolling out Snyk for Static Application Security Testing (SAST) and Software Composition Analysis (SCA) across all teams.This is an exciting and high impact opportunity within a fast-paced Healthcare IT company that is truly Modernizing Medicine!

Your Role:

• Implement and Scale Application Security: Lead the organization-wide implementation of Snyk, ensuring that SAST and SCA processes are integrated seamlessly into the development lifecycle.
• Security Architecture and Design: Collaborate with engineering and product teams to design secure applications, enforce secure coding practices, and conduct architecture reviews.
• Threat Modeling and Risk Assessment: Conduct threat modeling sessions and security risk assessments to identify potential vulnerabilities early in the development process.
• Code Review and Vulnerability Remediation: Oversee regular code reviews focused on security and assist teams in remediating vulnerabilities identified in SAST, SCA, and manual code analysis.
• Security Standards and Policies: Establish and promote application security standards, guidelines, and policies to support secure development practices.
• Incident Response Support: Assist with application-related security incidents, providing expertise in forensics, root cause analysis, and post-incident remediation.
• Mentor and Guide Teams: Act as a security leader and mentor within the organization, providing guidance on secure development practices, and fostering a security-first mindset.
• Continuous Improvement: Continuously monitor, assess, and improve application security processes, tooling, and controls to stay ahead of emerging threats.

Skills & Requirements:

• Bachelor's degree in Computer Science, Information Systems, or equivalent.
• 7+ years of relevant experience in application security or a related field.
• Experience with Snyk or similar SAST/SCA tools and the ability to lead an organization-wide rollout.
• In-depth understanding of secure coding practices, OWASP Top Ten, and application security frameworks.
• Strong knowledge of cloud security (AWS preferred) and familiarity with securing microservices and containerized applications (e.g., Docker, Kubernetes).
• Solid programming skills for secure code analysis (e.g., Python, Java, JavaScript).
• Excellent problem-solving and communication skills with the ability to collaborate effectively with cross-functional teams.
• Strong organizational leadership and mentoring skills, with a commitment to continuous learning and development.

ModMed Benefits Highlight:

At ModMed, we believe it’s important to offer a competitive benefits package designed to meet the diverse needs of our growing workforce. Eligible Modernizers can enroll in a wide range of benefits, including:

• Comprehensive medical, dental, and vision benefits, including a company Health Savings Account contribution,
• 401(k): ModMed provides a matching contribution each payday of 50% of your contribution deferred on up to 6% of your compensation. After one year of employment with ModMed, 100% of any matching contribution you receive is yours to keep.
• Generous Paid Time Off and Paid Parental Leave programs,
• Company paid Life and Disability benefits, Flexible Spending Account, and Employee Assistance Programs,
• Company-sponsored Business Resource & Special Interest Groups that provide engaged and supportive communities within ModMed,
• Professional development opportunities, including tuition reimbursement programs and unlimited access to LinkedIn Learning,
• Global presence and in-person collaboration opportunities; dog-friendly HQ (US), Hybrid office-based roles and remote availability for some roles,
• Weekly catered breakfast and lunch, treadmill workstations, Zen, and wellness rooms within our BRIC headquarters.