Senior Security Engineer 🔥
About Us
For over a decade, Reify Health has been paving the way to faster, predictable, and more accessible clinical trials. Through its business entities, OneStudyTeam and Care Access, the company provides best-in-class trial optimization software and transformative clinical trial infrastructure that delivers research directly to more healthcare providers, communities, and patients wherever they are. Through partnerships with top biopharma companies, thousands of research clinics worldwide, and leading healthcare & community organizations, Reify Health is helping bring new medicines to patients faster, one trial at a time.
As of September 2022, the team working on StudyTeam is now known as OneStudyTeam. Both new and familiar, this name reflects the mission shared by our technology and our people: to connect and enable every stakeholder in the clinical trial ecosystem to carry out the work of research better, sooner, and together. OneStudyTeam, like Care Access, will continue to operate as a business inside Reify Health but will now do so using the OneStudyTeam name and brand to represent the business overall. All StudyTeam products will continue to utilize the StudyTeam name and branding, and our users will continue to access our products in the same way. For more information about this transition, see press release here.
By joining our team, you will become a leading subject matter expert on the security of modern web applications, APIs, and cloud infrastructure. In close collaboration with technical advisors and staff engineers, you will assess the security of new applications, features, partner integrations, data flows, and internal StudyTeam configuration/administration tools. You will also serve as a technical leader on incident response and mentor other Security Team members.
What You’ll Be Working On:
- Integrate with data and software engineering teams to assess the security of new applications, features, partner integrations, data flows, and internal product configuration/administration tools.
- Develop solutions to enable and enhance security of StudyTeam SaaS applications, associated data transfers, and infrastructure (AWS).
- Assess, validate as necessary, coordinate, and confirm remediation of vulnerabilities identified through 3rd party penetration testing and internal vulnerability scans in conjunction with engineering teams (e.g., DevOps/SRE, Software Engineering).
- Play a key role in the selection, design, configuration and use of additional vulnerability scanning technologies (e.g., container scanning, SCA/SBOM, SAST, DAST, IAST, RASP).
- Serve as a technical leader on incident response for web applications and infrastructure.
- Recommend, drive, and implement improvements to OneStudyTeam’s Security Program, including how the program is integrated within the SDLC.
- Author, and when appropriate delegate to team members, formal technical risk assessments documenting security findings and outlining required mitigating controls.
- Participate in the selection and implementation of a re-imagined SIEM solution.
- 5 or more years experience in a dedicated technical security role is required.
- Proficiency in Python for programmatic data analysis and automation is required.
- Deep understanding of modern application stacks including microservice architectures, containerization, CI/CD, and IaC in a cloud environment such as AWS or GCP is required.
- Solid knowledge of OWASP Top 10 from both the attack chain and mitigation perspectives.
- Understanding of modern source control systems (e.g., Git, GitHub) is required.
- Desire to mentor other security team members while concurrently collaborating with senior engineers is required.
- Prior experience collaborating with Data, Engineering, DevOps/SRE and Product teams to assess technical security risks is a strong plus.
- Experience leading technical incident response for modern web applications and infrastructure is a strong plus.
Benefits (US Full-Time Employees Only)
- Competitive salary and stock options
- Remote-first! Work from anywhere.
- Flexible PTO & working hours
- Up to 16 weeks 100% paid parental leave
- 100% paid health coverage for employees with option of HSA: Includes employer HSA contribution of $400 for individuals or $800 for families
- Additional plans available at >70% premium coverage
- 100% employer-sponsored dental & vision plans for employees
- Supplementary, low-premium benefits: Short-term/Long-term disability, voluntary life insurance, pet insurance(!), legal & identity protection
- Free access for employees and dependents to health care advocacy team (Alight Health Pros), and 24/7 telemedicine access (Eden Health)
- 401(k) retirement plan with 4% employer match
- Company-provided laptop
- $1300 annual home office reimbursement
- Team Fun: Regularly scheduled virtual events
- Annual fitness and weight loss reimbursements: Up to $150 each per year
- Learning and Development: Your very own LinkedIn Learning license so that you can upskill or just learn something new!
- Access to Benefits Marketplace: A special discount hub for OST employees to access deals on things like electronics & home goods to wireless service or travel
- Guardian’s College Tuition Benefit Program: Enroll any child dependents under the age of 17 for up to $4000 per year towards college tuition
We value diversity and believe the unique contributions each of us brings drive our success. We do not discriminate on the basis of race, sex, religion, color, national origin, gender identity, age, marital status, veteran status, or disability status.
Note: OneStudyTeam is unable to sponsor work visas at this time. If you are a non-U.S. resident applicant, please note that OST works with a Professional Employer Organization.
For a detailed overview of Reify Health's privacy policy, please visit www.reifyhealth.com/privacy-policy. This organization participates in E-Verify (E-Verify's Right to Work guidance can be found here).