Software Security Engineer/Analyst

The security team at LifeOmic strives to deliver real security that matters. We are looking for a talented security engineer with a software security, vulnerability management and preferably AWS background to assist with keeping our products safe and maintaining a cloud-first, zero-trust security model that exceeds compliance standards.   

The core duties and responsibilities will include, but are not limited to:

    • Manage product security findings in Jira, from discovery through mitigation and deployment 

    • Review, triage and coordinate remediation of product-related security alerts (both code vulnerabilities and AWS alerts) 

    • Conduct security reviews of production change management requests and security code reviews, including terraform resources

    • Perform hands-on security testing on in-development features 

    • Comprehensively manage LifeOmic Security Team’s responses to customer security and compliance requests  

    • 20%-50% of your time will be dedicated to security automation and contributing to our DevOps pipeline 

    • Participate in development standups and work closely day-to-day with development team 

Qualifications:

    • Hands-on experience identifying and protecting against web application and web service security vulnerabilities including those found in the OWASP Top 10 and CWE Top 25 

    • Experience with web, cloud, and microservices architectures, especially AWS 

    • Ability to script security operations processes to drive automation 

    • Relevant development experience with JavaScript/NodeJS 

    • Experience with security analysis and/or operations.  

    • Experience validating and triaging security vulnerabilities 

    • An established comfort level with various security SAST/DAST solutions such as Whitehat/Veracode/Fortify 

    • The desire to break things and a love for startups 

Preferred Skills:

    • Understanding of CI/CD pipelines, such as Jenkins 

    • Understanding of infrastructure-as-code, such as Terraform and AWS Cloudformation

    • Experience with cloud security services such as Dome9, Okta, etc. 

About LifeOmic    

We're on a mission to disrupt the precision medicine space with a HIPAA-compliant cloud platform that will revolutionize how clinical patient data is stored, presented, and used by doctors, labs, researchers, etc.  We were founded in late 2016 and are building an all-star team of software designers, developers, and architects.    

LifeOmic has offices in Indianapolis (IN), Research Triangle Park (NC), and Salt Lake City (UT).