hero

Portfolio Careers

Build your career at the best companies in healthcare and fintech
Oak HC/FT

Security Engineer (Ruby on Rails)

Brightline

Brightline

This job is no longer accepting applications

See open jobs at Brightline.
Software Engineering
Remote · United States
Posted on Sunday, October 22, 2023

About the Role

We're looking for you to join our team as a Security Engineer to help support and grow our security program, working across the organization on a wide variety of projects as we expand access to healthcare and people’s understanding of the resources available to them.

This position can be based anywhere in the United States.

About You

You’re looking for a company where you have the opportunity to pursue your interests across functions and guide your career development. You value having startup experience. You’re looking to quickly make an impact and the focus is on building out solid security practices and a commitment to excellence. You have strong problem-solving skills and experience working on application security for a cloud-based product. You like to implement security features and fix bugs when you aren't finding vulnerabilities. You are humble, eager to learn, and always willing to help others. You understand the importance of iterating quickly and that building means doing the dirty work. You want teammates who enjoy solving problems regardless of the technologies and techniques involved. You believe that better and accessible mental health care is meaningful and worthwhile.

About the Role

  • You enjoy collaborating with engineers and building out actionable policies and practices.

  • You have experience with multiple frontend and backend frameworks and are comfortable identifying and resolving security issues.

  • You have deep knowledge of API security best practices.

  • You have experience integrating threat modeling throughout the application development lifecycle.

  • You have experience in mobile application specific application security.

  • You believe in automation and you understand the importance of shipping, often.

  • You have implemented security best practices in AWS S3/KMS and SaaS integrations (Google Workspace, Snowflake, Cloudflare, etc.)

  • You could explain DAST, SAST, IAST to our C-suite as well as help us make the best use of the appropriate technology.

  • You aren’t afraid to dive in for incident response and investigations and help use the lessons from our worst days to make our every day better.

You'll be successful with the following qualifications:

Licenses/Certifications:

The following certifications will help you stand out.

  • SANS GWEB, GWAPT

  • ISC CSSLP

  • OSWE

Demonstrated Experience:

  • Minimum of 1-3 years related work experience in Application security, development or equivalent role.

  • Minimum of 1-3 years of experience working in Ruby on Rails / Security

  • Building and breaking modern applications (SPAs, mobile apps, APIs, webhooks, etc.) in modern processing environments (CDN, WAF, API gateways, etc).

  • Strong working knowledge of Docker and Linux environments

  • Establishing application security practices and technical pipelines, especially integrating useful controls in CI/CD pipelines both on-premise and cloud environments.

  • Working with engineering teams to balance ongoing product feature development, technology limitations with security concerns.

  • Conducting or being the subject of privacy and/or security audits.

  • Ability to produce high quality documentation, reports, procedures and technical specifications to communicate with a wide range of stakeholders.

  • Effective at engaging with teams in various functions and across different levels

  • Strong organizational skills and ability to prioritize and manage multiple projects simultaneously.

  • Excellent analytical and writing skills with an emphasis on communicating complex issues across a wide audience.

  • Experience working in an environment that processes PHI and with applicable standards, such as: NIST Privacy Framework, ISO/IEC 27701, ISO 27001, HIPAA, HITRUST, SOC 2.

Education:

Prior experiences and demonstrated abilities will make you a top candidate for this position. For those with less experience we will also be interested in any education that may help you stand out.

Examples include:

  • Bachelor's Degree in Computer Science, Information Technology or related field

  • Cybersecurity Bootcamps

Total Rewards

Insurance:

  • Medical + Dental + Vision + Disability + Life Insurance

Time off:

  • 14 Paid Holidays + Flexible PTO + Sick Days + Parental Leave

Stipends/Reimbursements:

  • Learning and Development Reimbursement

  • Health and Wellness Stipend

  • Home Office Reimbursement

Financial Wellness:

  • 401k

  • Stock Options

Community:

  • Remote, community-focused culture

  • Company wide meditations

  • Group workouts hosted by Brightline employees!

  • Company Offsites

Compensation Philosophy:

  • At Brightline we have built a total rewards philosophy that includes fair, equitable, competitive, geo-based compensation that is performance and potential based. Our strategy is based on robust market research, including external advisory specializing in national compensation, and thoughtful input from every level of our organization. It is a combination of a cash salary, equity, benefits, wellbeing, and opportunity. In compliance with the Equal Pay for Equal Work Act, the annual base salary range for applicants is $97,000 -$172,000.

Our Commitment to Building a Diverse, Equitable, and Inclusive Workforce

At Brightline, we believe that Diversity, Equity, Inclusion, and Belonging are essential to the foundation that we build our mission upon. We are compelled to build a future where all families can access inclusive, high-quality care. We are committed to creating an environment that encourages our employees to show up authentically, reach their highest potential, and have an equal opportunity to thrive. We are committed to systematically evaluating and improving our inherent beliefs, observed behaviors, structures, and systems. We are committed to ensuring that every employee, candidate, client, and family we serve is valued and respected.

About Brightline

Brightline is on a mission to build a bright future for every child. We’re convening a team of leading clinicians, technologists, business leaders, and creative thinkers to completely transform what behavioral health care looks like. Together, we’re building exceptional technology and real-world care to bring families a warm, supportive, and goal-oriented experience of care that will help them thrive.

Founded in 2019, Brightline is the leading comprehensive behavioral health platform for families, backed by $215M in funding from leading investors, including Oak HC/FT and Threshold Ventures. As we grow quickly across the country, we’re looking for exceptional team members who, like us, are eager to transform behavioral health in this country and change lives.

This job is no longer accepting applications

See open jobs at Brightline.