HealthJoy: Application Security Engineer at HealthJoy (Kyiv, Ukraine) (Kyiv, Ukraine)
Posted: May 22, 2021
Come for the mission. Stay for the experience.
Let’s keep things simple: we are an unbelievably talented, hard-working, and compassionate team driving towards a mission that impacts a huge amount of people who use Healthcare benefits in the US.
Healthcare benefits are complex, underutilized and a mystery for most users in the USA. We’re removing that complexity. Our industry-changing technology solution puts a simplified benefits experience in the hands of users, saving them time and money.
Following an explosive 2019 (raising $30M in Series C funding, awards for Chicago’s Best Tech Startup and Chicago’s Best Place to Work, adding 50+ key team members and more), we’re continuing down the path of high growth and high impact.
Reduces vulnerabilities, malicious code, and other security issues in released software without slowing down code production and releases
Mitigates the potential impact of vulnerability exploitation throughout the application lifecycle, including when the code is being developed and when the software is executing on dynamic hosting platforms
Addresses the root causes of vulnerabilities to prevent recurrences, such as strengthening test tools and methodologies in the toolchain, and improving practices for developing code and operating hosting platforms
Reduces friction between the development, operation, and security teams in order to maintain the speed and agility needed to support the organization’s mission while taking advantage of modern and innovative technology
- Integrate DevSecOps tools as part of an agile team to achieve Continuous Integration and Continuous Deployment (CI/CD) applications. (DAST, IAST)
- Develop techniques to ensure development teams find flaws before they are introduced into production (SAST)
- Supports security operations infrastructure (Wazuh, ELK, Palo Alto)
- Experience of scripting tools (Jenkins automation server, Ansible tools, Linux shell scripting, etc.)
- Experience working with infrastructure as code systems (terraform)
- Experience with GitLab/Github/Docker/Kubernetes Confluence, etc.
- Experience in AWS infrastructure engineering and administration
- 2 plus years implementing secure coding practices like OWASP Top 10
- 2 plus years of experience securing applications via CI/CD pipelines leveraging static code analysis, unit and integration testing, dependency analysis, etc.
- Application Service Hardening (CIS, HITRUST, STIGS)
- Web Services Security (Oauth, JWT, OAUTH, SAML)
- English Intermediate or better
Work should be meaningful and rewarding.
HealthJoy offers a robust package of employee perks and benefits including competitive compensation, unlimited vacations, health insurance, English lessons with a native speaker and full or partial coverage of educational events.
During the pandemic situation, we offer mental health support programs, personal psychological counseling and help with remote work setup.
We also enjoy each other's company over wellness activities, happy hours, volunteer events in our local communities, lunch and learns, and ‘friendship time’ pairings.
HealthJoy is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or any other basis forbidden under federal, state, or local law.