Application Security Engineer
- Worldwide
Reify Health is paving the way to faster, predictable, and more accessible clinical trials. Through its business entities, StudyTeam and Care Access, the company provides best-in-class trial optimization software and transformative clinical trial infrastructure that delivers research directly to more healthcare providers, communities, and patients wherever they are. Through partnerships with top biopharma companies, thousands of research clinics worldwide, and leading healthcare & community organizations, Reify Health is helping bring new medicines to patients faster, one trial at a time.
By joining our team, you will play a key role in technical security assessment of modern web applications and APIs across Reify Health’s (SaaS) product portfolio.
- Integrate with engineering teams to perform technical security assessments of new applications, features, and internal reporting and administrative tools
- Oversee the security of SaaS application integrations of partner products, as well as Reify Health’s first native mobile application
- Author product security risk assessments, when appropriate, to document application and product security findings and outline required mitigating controls
- Recommend, drive, and implement improvements to Reify Health’s Application Security program, including how the program is integrated within the SDLC
- Develop solutions and tooling to enable and enhance security across Engineering, Data, and Infrastructure (AWS)
- Identify key areas for the SIEM team to expand the SIEM solution with a focus on product and application security monitoring and alerting requirements
- 3 or more years experience in a dedicated technical information security role is required
- Understanding of modern application stacks including microservice architectures, containerization, CI/CD, and IaC in a cloud environment such as AWS or GCP is required
- Understanding of OWASP Top 10 from both the attack chain and mitigation perspectives is required
- Understanding of technical risk assessment methodologies is required
- Proficiency in scripting for programmatic data analysis and automation is required (e.g. Python)
- Experience collaborating with engineering and product teams to technically assess product security is a strong plus
- Experience with securing native mobile applications is a strong plus
- Competitive salary and stock options
- Remote-first! Work from anywhere.
- Flexible PTO & working hours
- Up to 16 weeks 100% paid parental leave
- 100% paid health coverage for employees with option of HSA: Includes employer HSA contribution of $400 for individuals or $800 for families
- Additional plans available at >70% premium coverage
- 100% employer-sponsored dental & vision plans for employees
- Supplementary, low-premium benefits: Short-term/Long-term disability, voluntary life insurance, pet insurance(!), legal & identity protection
- Free access for employees and dependents to health care advocacy team (Alight Health Pros), and 24/7 telemedicine access (Eden Health)
- 401(k) retirement plan with 4% employer match
- Company-provided laptop
- $1300 annual home office reimbursement
- Team Fun: Regularly scheduled virtual events and weekly lunch expense policy (Up to $20 weekly)
- Annual fitness and weight loss reimbursements: Up to $150 each per year
- Learning and Development: Your very own LinkedIn Learning license so that you can upskill or just learn something new!
- Access to Benefits Marketplace: A special discount hub for Reify employees to access deals on things like electronics & home goods to wireless service or travel
- Guardian’s College Tuition Benefit Program: Enroll any child dependents under the age of 17 for up to $4000 per year towards college tuition
We value diversity and believe the unique contributions each of us brings drives our success. We do not discriminate on the basis of race, sex, religion, color, national origin, gender identity, age, marital status, veteran status, or disability status.
Note: Reify Health is unable to sponsor work visas at this time. If you are a non-U.S. resident applicant, please note that Reify works with a Professional Employer Organization.
For a detailed overview of Reify Health's privacy policy, please visit www.reifyhealth.com/privacy-policy. This organization participates in E-Verify (E-Verify's Right to Work guidance can be found here).
