portal resources jobs companies g ginger application security engineer

Application Security Engineer 🔥


 

Headspace [1] and Ginger [2] have recently merged to become Headspace Health [3]! While roles are still being recruited separately on our respective websites, new hires from this point forward will be joining Headspace Health. For more information, please speak with your recruiter! 

 

About the Application Security Engineer at Headspace Health:

We take security and compliance seriously.  We are looking for a talented Application Security Engineer to liaise with the engineering and IT teams focusing on the following: bug bounty, pentesting, product security incident response, threat modeling, security reviews, and developer security education, along with other Information Security duties and responsibilities.

This critical role is part of our Corporate Technology Information Security team, supporting all aspects of secure engineering, product development, and infrastructure objectives. You will work with a diverse team of talented leaders and contributors who all are working collaboratively to realize our vision of improving the health and happiness of the world.

How your skills and passion will come to life at Headspace Health:

  • Support configuration, installation, and management of security tools in remote/office environments and cloud environments. 
  • Conduct and manage security vulnerability scans and remediation.
  • Create and maintain documentation for security standards and processes for security operation activities.
  • Review and audit security controls and perform analysis for improvements.
  • Identify security requirements and support implementation of necessary security controls
  • Assist during security incidents and investigations

What you’ve accomplished:

    • BS degree or higher in Computer Engineering, MIS or in a STEM major (Science, Technology, Engineering or Math).
    • At least 5+ years of experience in information security with experience in vulnerability and threat management, security architecture, and/or incident response.
    • At least 3 years of experience in application security for web and mobile based applications
    • Knowledge of Cloud Providers, MITRE, CWEs, OWASP Top 10, and SBOM.
    • Management and ability to accurately assess problems from multiple perspectives, analyze approach feasibility, and decide on the optimal course of action.
    • Hands-on experience with Repository and Artifact Solutions as well as working within a CI/CD pipeline and DevSecOps projects..
    • Engineering experience delivering security and compliance initiatives, especially with Secure SDLC.
    • A technical background is a must. 
    • Familiarity with the following languages is a plus: Python, Javascript, Kotlin/Java, Typescript, Obj-C/Swift, GoLang, DART/Flutter. 
    • Familiarity with the network configuration, database and API maintenance all in a cloud hosting environment is a plus.
    • Strong communication: ability to influence and collaborate at every level
    • Certifications such as OSWE, eWPT, GWAPT, GMOB, SANS/GIAC certifications are a plus.
    • Experience implementing SAST, DAST, RASP, SCA, OSS solutions as part of a security gate are a plus.
    • Bug Bounty and Vulnerability Disclosure Programs are a plus.

How to get started:
If you’re excited by the idea of seeing yourself in this role at Headspace Health, please apply with your resume and a cover letter that best expresses your interest and unique qualifications.

How we feel about Diversity & Inclusion: Headspace Health is committed to bringing together humans from different backgrounds and perspectives, providing employees with a safe and welcoming work environment free of discrimination and harassment. We strive to create a diverse & inclusive environment where everyone can thrive, feel a sense of belonging, and do impactful work together. As an equal opportunity employer, we prohibit any unlawful discrimination against a job applicant on the basis of their race, color, religion, gender, gender identity, gender expression, sexual orientation, national origin, family or parental status, disability*, age, veteran status, or any other status protected by the laws or regulations in the locations where we operate. We respect the laws enforced by the EEOC and are dedicated to going above and beyond in fostering diversity across our workplace.  *Applicants with disabilities may be entitled to reasonable accommodation under the terms of the Americans with Disabilities Act and certain state or local laws. A reasonable accommodation is a change in the way things are normally done which will ensure an equal employment opportunity without imposing undue hardship on Headspace Health. Please inform our Talent team if you need any assistance completing any forms or to otherwise participate in the application process. 

Headspace Health participates in the E-Verify Program [4].

Headspace Health is committed to protecting the privacy and security of your personal data. Please view our privacy notice here. [5] 


  1. http://www.headspace.com/
  2. http://www.ginger.com/
  3. https://www.fastcompany.com/90666802/headspace-ginger-merger-exclusive-headspace-health
  4. https://www.ginger.com/careers/ginger-e-verify
  5. https://www.headspacehealth.com/page/applicant-notice

Let us send you new openings similar to Application Security Engineer straight to your Inbox. Weekly or Daily. 7-day free trial 💌

The ability to work remotely increases employee happiness by 20 percent.