Job Description
Application Security Engineer III page is loadedApplication Security Engineer IIIApplylocationsRemote CanadaRemote United Statestime typeFull timeposted onPosted 2 Days Agojob requisition idR2573Job Description: Are you looking for a team that is energized by the constantly evolving world of application design and security? At Phreesia we are at the forefront of technological advancement, speaking fluent 12-factor app and embracing the “everything as code” movement. We are preparing for the future and are looking for a talented, experiencedApplication Security Engineer IIIto join us in building things frominceptionwith deep-rooted security principles and design. As a vulnerability identification and remediation expert, you will play a critical role in ensuring that our systems are secure and resilient.You’llwork on building and understanding threat models in our release pipelines and runtime, as well as dig deep into our application code and the Phreesia application itself. Our offering spans a wide array ofcutting-edgetechnologies including Classic web applications, Android and hardware builds, Credit Card Security and HSMs, Classic Datacenters and the Cloud. Weoperatein an interesting compliance space that includes both healthcare and card compliance, making this role a constantly creative and challenging one. WhatYou’llDo: Build (both visually and via documentation) threat models and perform security reviews on Phreesia’s applications and infrastructure.Join forces with our brilliant Security Engineering team to define and integrate Security Architecture standards and Secure SDLC across the organization, ensuring our security practices stay top-notch and our productsremainunbeatable.Act as a key player in Phreesia’s large-scale transition to modern CI/CD pipelines and help designhigh-tech security practices for our cloud and container release platforms.Hands on experience with application security domains such as web, devices (mobile and tablets) and backend platforms.Help Phreesia design and scale security projects like SAST, DAST, WAF, etc.Support compliance programs like SOC2, PCI, SOX, and HITRUST certifications in Phreesia.Support vulnerability management program in Phreesia.Participate in ourinternalvendor review assessment process.Help development teams in meeting security requirements through security consultations.WhatYou’llBring: Bachelor's degree in computer science or related disciplines.4+ years of experience in software development, information security, cloud security or information technology. With at least 2+years of experience inapplicationsecurity.Background in the application security basics: HSTS, CSPs, and a working knowledge of theOWASP Top Tenexploitation paths and control mitigations to protect against them. Experience in Cloud security isrequired.A general understanding of old and new development patterns: Release cycles, CI/CD, Code check-in and review.Experience with performing security reviews for web and backend applications.Experience with at least oneInfrastructure-as-codelanguage like Ansible, Terraform, etc.Ability to prioritize various tasks and projects while thriving in a hands-on, collaborative environment.You’llbe working with teams across the organization sowe’relooking for someone who can lead with empathy.Proventrack recordofdeliveringresults.Base pay for US is $120,000 - $150,000 USD depending on qualifications. Who We Are: At Phreesia, we’re looking for smart and passionate people to help drive our mission of creating a better, more engaging healthcare experience. We’re committed to helping healthcare organizations succeed in an ever-evolving landscape by transforming the way healthcare is delivered. Our SaaS platform digitizes appointment check-in and offers tools to engage patients, improve efficiency, optimize staffing, and enhance clinical care. Phreesia cares about our employees by providing a diverse and dynamic work environment. We’re a five-time winner of Modern Healthcare Magazine’s Best Places to Work in Healthcare award and we’ve been recognized on the Bloomberg Gender Equality Index. We are dedicated to continuously improving our employee experience by launching new programs and initiatives. If you thrive in a culture of recognition, value inclusivity, professional development, and growth opportunities, Phreesia could be a great fit! Top-rated Employee Benefits: 100% Remote work + home office expense reimbursements Competitive compensation Flexible PTO + 8 company holidays Monthly reimbursement for cell phone + internet + wellness 100% Paid 12-week parental leave to our U.S. employees, as well as a generous parental benefit to our employees in Canada Variety of insurance coverage for people (and pets!) Continuing education and professional certification reimbursement Opportunity to join an Employee Resource Group. Learn more here:https://www.phreesia.com/dei/ We strive to provide a diverse and inclusive environment and are an equal opportunity employer.About UsAt Phreesia, we’re transforming the patient experience and giving healthcare organizations the capacity to do more—and we need smart, innovative problem-solvers to help us get there. Phreesians have a wide range of backgrounds—you don’t need to be a healthcare expert or a technology geek to succeed on our team. We’re looking for talented, diverse individuals who want to make a difference in healthcare.#J-18808-Ljbffr