Product Security Engineer

| Greater NYC Area
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

The Role

Cedar has built a platform that combines data science and machine learning to connect patients with healthcare providers in a way that helps solve the critical challenges of patient billing and payment. Our technology improves the overall experience of patient billing and engagement, enabling patients to help understand the cost of their care while ensuring providers can thrive in a rapidly changing environment. Patients put their trust in Cedar's platform, making security and availability an integral part of what we do.

As a Product Security Engineer, you will help build the application security program, affecting the whole product lifecycle: from input to architecture through the release process as well as ongoing assessment, triage and remediation of application vulnerabilities. As a fast-growing startup, security cannot be reactive, and so you will be hands-on with our codebase: helping build tools, services and guidance that form the "golden road", so releasing secure software is the easy and obvious path for the rest of our maker community. 

Responsibilities
  • Embed security practices into new and existing CI/CD pipelines
  • Perform security assessments of new products and technologies
  • Evangelize security through participation in design discussions and code reviews
  • Build security solutions not just to mitigate the OWASP Top 10, but to raise the bar on data protection and monitoring
  • Drive technical projects end-to-end, including the integration of secure development standards, tools and processes
  • Perform threat modeling, research and share threat intelligence specific to Cedar's business
  • Prioritize remediations and projects based on knowledge of threat, risk and importance to the business
Required Skills & Experience
  • 5+ years in technical security roles
  • Proficient in a few general purpose programming languages (ideally Python & Javascript)
  • Experience with penetration tests & application assessments, ideally on both sides of the table
  • Experience performing code audits on internal and open source libraries
  • Experience with DAST, SAST as well as manual testing techniques 
  • Familiarity with AWS operations; this isn't an infrastructure role, but you should be able to advocate for controls at different parts of the stack
Preferred Qualifications
  • A record of participation in the open-source and security communities
  • Experience building secure APIs and secure data science pipelines
  • Hands-on experience with container and AWS security, and implementing automations with and for these platforms
  • Familiarity with HIPAA, PCI and the unique considerations around health and payments data
  • Experience with vulnerability and threat management activities generally, including bug bounty and external assessment programs
  • Strong communications skills - ability to describe the security of our platform to existing and potential clients would be a big win

What do we offer to the ideal candidate?

  • An opportunity to work on a platform that is scaling very rapidly with 200,000 engaged patients a day as of May 2020
  • A chance to join a high-growth company at an early stage
  • The ability to impact the growth of our company, we value all comments and suggestions
  • Transparency across teams and interaction with multiple departments
  • Competitive pay, employer-paid healthcare, stock options
  • Daily team lunch and unlimited healthy snacks at our NYC office

 

Applicants must be currently authorized to work in the United States on a full-time basis. Cedar will not hire any applicants for Product Security Engineer who are present in the United States on an F-1 visa

Read Full Job Description
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Technology we use

  • Engineering
    • JavascriptLanguages
    • PythonLanguages
    • ReactLibraries
    • ReduxLibraries
    • DjangoFrameworks
    • PostgreSQLDatabases

Location

We're located in the lovely West Village with easy access with great local restaurants, shops, and bars!
Cedar’s D&I Efforts has Employee Saying: “I’ve Honestly Never Seen Anything Like It.”
Watch

What are Cedar Perks + Benefits

Cedar Benefits Overview

Working at Cedar gives you an opportunity to solve a problem that affects millions of patients annually! We offer competitive pay, employer-paid healthcare, and stock options. Cedar also provides an open office environment where we come together to enjoy free daily team lunch and unlimited healthy snacks! You'll also get exposure to top venture capitalists including Thrive Capital and Founders Fund.

Culture
Partners with Nonprofits
Cedar is proud to partner with Path Forward, a non profit on a mission to empower people to restart their careers after time spent focused on caregiving.
Friends outside of work
Eat lunch together
Daily stand up
Open door policy
Team owned deliverables
Team based strategic planning
Group brainstorming sessions
Open office floor plan
Diversity
Documented equal pay policy
Dedicated Diversity/Inclusion Staff
Unconscious bias training
More Jobs at Cedar18 open jobs
All Jobs
Dev + Engineer
Legal
Operations
Product
Project Mgmt
Sales
Operations
new
New York
Developer
new
New York
Developer
new
New York
Developer
new
New York
Developer
new
New York
Developer
new
New York
Product
new
New York
Developer
new
New York
Sales
new
New York
Sales
new
New York
Operations
new
New York
Operations
new
New York
Developer
new
New York
Project Mgmt
new
New York
Developer
new
New York
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Save jobView Cedar's full profileSee more Cedar jobs