Here at BitMED we appreciate transparency and creativity. So, let’s try something new. We would like to give you the opportunity to learn more about this role the same way we would get to know you. An application!
We’ll go first…
Why is this position crucial to BitMED?
Our lean team is ready to grow! We are rapidly onboarding 22M members to our platform and that number is growing everyday. Our Senior Security Engineer will be responsible for designing and developing security testing scenarios and perform ongoing security testing and code review to improve our security posture. By joining our small team, they will be an integral contributor in developing our engineering culture. This person will be a key enabler for lean integration, faster innovation, rapid development, streamlined communication and improved collaboration.
Why does this person want to work at BitMED?
They are excited about bringing blockchain technology to the healthcare community at scale. Joining BitMED is a strategic and advantageous career move for them as they will play a crucial role as a contributor to bringing a global, no-cost healthcare solution to market. They visualize the impact they’ll have in this role and are prepared to offer their expertise towards building a successful new platform that will change the way the world views healthcare.
What qualities should this person have?
BitMED is looking for a person with the willingness to learn and the ability to contribute right off the bat. They can balance timeliness and business priorities with technical feasibility. They are adamant about solving problems and are a reliable resource for insight and assessment of technical issues. They are able to speak openly and humbly about their failures and mistakes, clearly articulating what happened and how it was addressed. They are passionate about learning, executing and leading by example. They are an open source enthusiast and a best in class developer with a desire to gain knowledge in an emerging market. They are able to think through and anticipate how hackers and others may attempt to subvert or misuse applications.
What will this person do on a day-to-day basis?
Conduct research on emerging products, services, and standards in support of security enhancement and development efforts.
Maintain our security monitoring solutions and make changes when needed to improve visibility and relevancy of alerting.
Serve as the security expert and communicate information security-related concepts to technical and non-technical team members.
Help oversee the organizations bug bounty program and work with independent security researchers as needed.
Work directly developers and product managers to help define security requirements for new projects and products.
What experience should this person have?
Degree in Computer Science or Cybersecurity
Knowledge and experience complying with various security standards and best practices, particularly related to high traffic consumer-facing websites
Expert technical knowledge of database and Linux operating system security
8+ years of experience in the field of application security
5+ years of experience with Amazon Web Services products and services (EC2,S3,RDS,Lambda,ECS,etc.)
5+ years of experience in hybrid platform (public cloud + on-prem) security
2+ years of experience as White Hat/ Ethical Hacker (or equivalent certification)
1+ year of experience as CISO for a startup or SMB
Red/Blue team or relevant experience with modern penetration testing tools
Experience with HIPAA/PCI/SOX/SOC-2 compliance is mandatory
Strong knowledge of web application design, development, and testing techniques
Strong capacity for debugging web application and security issues
Strong problem solving and creative skills and the ability to exercise sound judgment and make decisions based on accurate and timely analysis