Senior Security Engineer | Hinge Health | Bengaluru, Karnataka, India

Position: Senior Security Engineer

Location: Bengaluru, Karnataka, India

Job Description

Qualification and Skills

• Automated Security Testing: Ability to configure and automate security scans as part of the CI/CD process, interpret the results and work directly with engineers on prioritization and remediation.
• Secure Coding Practices: Ability to examine source code in multiple languages to evaluate controls. Be able to identify common coding and design vulnerabilities. Deep understanding of OWASP Top 10 and other common security flaws.
• Communication: Ability to partner with engineers and product managers to implement security by design.
• Judgment: Ability to assess the risk of vulnerabilities, tradeoffs in designs, etc. to categorize and prioritize remediation work.
• Incident Handling: Be able to work as a subject matter expert in the security controls, internal communications, and infrastructure of Hinge Health applications during security incidents.
• Proactive: Enjoys proactively, asking questions and examining systems and processes for possible flaws and reaching out to relevant teams to identify and verify vulnerabilities that may not have been found by automated scanning and schedule manual reviews.
• Experience securing applications in Health Care, securing ePHI and HIPAA/HITECH regulations.
• Familiarity with HITRUST CSF and NIST control frameworks.
• Experience in Threat Modeling
• Experience performing security assessments and secure design of hardware and firmware of medical devices communicating over Bluetooth
• Experience with any of the following, deploying web based services on AWS infrastructure, Kubernetes, Typescript, ReactNative, Ruby on Rails, GraphQL, IaC using Terraform.

Responsibilities

• Implement automated security scanning tools and perform manual security assessments including source code review to harden Hinge Health web applications and API microservices.
• Enable the product teams to create secure by design product features and services by working alongside product managers and engineers during the design phase of projects.
• Assist with third party security assessments and penetration tests of Hinge Health web applications, API endpoints, and mobile applications, including interpretation of results and verification of remediations.
• Contribute to the improvement of Software Development Life Cycle management policies, procedures, and standards.

Apply: Click here to Apply