Application Security Engineer
Galileo is building the future of healthcare - today. Using innovative mobile technology and human-centered design, we’re looking to improve the quality and affordability of medical care for all -- including those with Medicare and Medicaid.
Based in NYC, our company was founded by a successful entrepreneur (One Medical, Epocrates), is led by a top-notch team, and is well-funded by some of the best investors in the country. We seek curious, talented, team-oriented individuals with a diverse set of backgrounds who ultimately want to make a difference.
What You’ll Do
In close collaboration with our Engineering team, Galileo’s Security Engineers will help build our security-first culture and identity. This is an opportunity to utilize new technologies in securing a diverse set of applications. Specifically, you will:
- Continue to automate our incident detection and remediation procedures by using our SIEM solution
- Build out our infrastructure to monitor security events from our Docker services
- Develop infrastructure to improve access monitoring for applications and databases
- Find and patch vulnerabilities in our web and mobile applications
- Strengthen our configuration automation and security maintenance on local endpoints
- Perform vulnerability tests on all of our resources
- Participate in design reviews and code reviews, applying a security-focused mindset
Who You Are
- You are interested in designing, building, and maintaining security systems, both locally (employee and patient devices) and in the cloud (AWS).
- You have hands-on experience performing vulnerability tests and security assessments, on both cloud infrastructure and application infrastructure.
- You keep up to date with the tech industry landscape of security threats, and know how to identify and patch relevant security holes. You enjoy using metrics to find and remedy anomalies.
- You have configured and maintained an alerting system through a Security Information and Event Management (SIEM) tool.
- You understand how to develop and enforce strict security and data access policies regarding HIPAA assessments and evaluations.
- You are fluent in scripting languages, such as Python, Ruby, Bash, etc. You thrive in a collaborative environment, where responsibility and ownership are shared.
Technologies We Use
- AWS (ECS Fargate, RDS Aurora, CloudFormation, CodePipeline, CodeBuild)
- MySQL
- Python
- JavaScript
- Bash
- Nginx
- OpenVPN Access Server
- Docker
- Elasticsearch / Logstash / Kibana
- AlienVault
- Google SAML
How We Hire
Galileo is committed to hiring the best talent from a range of backgrounds and experiences, including but not limited to gender, ethnic, political, economic, religious, sexual orientation, and other personality traits. We believe in a strong culture that fosters teamwork, excellence and sound decision-making -- one that is based on mutual respect and trust. We appreciate candidates who are open and honest about what they’re looking for so we can ensure it’s a fit on both sides.