Senior Application Security Engineer

We are united in our mission to make a positive impact on healthcare. Join Us!

• South Florida Business Journal, Best Places to Work 2024
• Inc. 5000 Fastest-Growing Private Companies in America 2024
• 2024 Black Book Awards, ranked #1 EHR in 11 Specialties
• 2024 Spring Digital Health Awards, “Web-based Digital Health” category for EMA Health Records (Gold)
• 2024 Stevie American Business Award (Silver), New Product and Service: Health Technology Solution (Klara)

Who we are:

We Are Modernizing Medicine (WAMM)! We’re a team of bright, passionate, and positive problem-solvers on a mission to place doctors and patients at the center of care through an intelligent, specialty-specific cloud platform. Our vision is a world where the software we build increases medical practice success and improves patient outcomes. Founded in 2010 by Daniel Cane and Dr. Michael Sherling, we have grown to over 3400 combined direct and contingent team members serving eleven specialties, and we are just getting started! ModMed is based in Boca Raton, FL, with office locations in Santiago, Chile, Berlin, Germany, Hyderabad, India, and a robust remote workforce with team members across the US.

ModMed is hiring a Senior Application Security Engineer to advance the security of our applications by working closely with development and engineering teams. This role will focus on embedding security into our software development lifecycle, performing hands-on security assessments, and ensuring proactive defenses across our application stack. This is an exciting and high-impact opportunity within a fast-paced Healthcare IT company that is truly Modernizing Medicine!

Your Role:

• Application Security Assessment: Conduct application security testing, including Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST), identifying vulnerabilities and working with development teams to remediate them.
• Collaborate with Development Teams: Partner with software engineers to integrate security best practices, review code for potential security issues, and support secure design in new applications and features.
• SAST and SCA Implementation: Support the rollout of Snyk for SAST and Software Composition Analysis (SCA), focusing on accurate detection of vulnerabilities in code and third-party libraries.
• Threat Modeling and Risk Identification: Perform threat modeling and risk assessment exercises to identify security risks early in the development process.
• Develop Security Standards: Contribute to the creation and enforcement of application security standards and policies, ensuring consistent security practices across development teams.
• Incident Analysis and Remediation: Assist in investigating and responding to application-related security incidents, performing root cause analysis, and implementing solutions to prevent reoccurrence.

Skills & Requirements:

• Bachelor's degree in Computer Science, Information Systems, or a related field, or equivalent experience.
• 5+ years of experience in application security, with strong knowledge of secure coding practices and application security frameworks.
• Experience with SAST/SCA tools (e.g., Snyk, Checkmarx, or similar), including integration and remediation support.
• Strong understanding of the OWASP Top Ten, secure design principles, and best practices for preventing common vulnerabilities.
• Experience in threat modeling and a solid grasp of risk assessment methodologies.
• Programming skills for security code review (e.g., Python, Java, JavaScript) and familiarity with cloud security, preferably in AWS environments.
• Excellent communication and collaboration skills to effectively work with cross-functional teams and convey complex security concepts.

ModMed Benefits Highlight:

At ModMed, we believe it’s important to offer a competitive benefits package designed to meet the diverse needs of our growing workforce. Eligible Modernizers can enroll in a wide range of benefits, including:

• Comprehensive medical, dental, and vision benefits, including a company Health Savings Account contribution,
• 401(k): ModMed provides a matching contribution each payday of 50% of your contribution deferred on up to 6% of your compensation. After one year of employment with ModMed, 100% of any matching contribution you receive is yours to keep.
• Generous Paid Time Off and Paid Parental Leave programs,
• Company paid Life and Disability benefits, Flexible Spending Account, and Employee Assistance Programs,
• Company-sponsored Business Resource & Special Interest Groups that provide engaged and supportive communities within ModMed,
• Professional development opportunities, including tuition reimbursement programs and unlimited access to LinkedIn Learning,
• Global presence and in-person collaboration opportunities; dog-friendly HQ (US), Hybrid office-based roles and remote availability for some roles,
• Weekly catered breakfast and lunch, treadmill workstations, Zen, and wellness rooms within our BRIC headquarters.