Senior Application Security Engineer at PathAI (Greater Boston Area, MA or Remote)
Machine learning is eating the world. At PathAI, we're applying it in amazing ways to pathology and healthcare to ultimately help improve people’s lives, one diagnosis at a time. We're applying our work to drug development, the clinical space, and as a global health initiative.
For us, it's still early days – a fast-growing, in-demand business and team, and the need to scale our Information Security team that helps keep us quick and nimble while protecting the sensitive data we handle. At PathAI, we view security as an enabler of our business and have invested significantly to build and grow the team with great support from the leadership team.
We're looking for an experienced application security engineer to join our growing Information Security team, to help us continue to move both fast and safely to have the most impact on the outcomes of patients facing serious diseases. Our security team works on automated tools and creates innovative processes to help make security and compliance at PathAI easy, instant, and omnipresent. If you're the right candidate for this hands-on role, you'll be part of the PathAI Information Security team in no time and be able to:
- Lead application security reviews and threat modeling, including code review and dynamic testing.
- Lead in development of automated security testing to validate that secure coding best practices are being used.
- Participate and assist in initiatives to holistically address multiple vulnerabilities found in a functional area
- Support and consult with product and development teams in the area of application security.
- Guide and advise product development teams as SMEs in the area of application security.
- Own and perform application security vulnerability management.
Our employees come in all shapes and sizes, but to be successful in this role with us, you'll at least need:
- Experience. We expect that this role will require 4+ years of experience working in the software development industry and/or in a highly regulated space, with responsibilities relating to application security. If you have fewer years of experience but think you can hang, tell us why.
- Education. Generally, a Bachelor’s of Science degree in Computer Science, Engineering, Computer Security, Information Systems, OR comparable level of professional experience in a relevant field is really helpful in working with our team on this kind of work. But feel free to convince us if you're the exception.
- Strong understanding and experience with common security libraries, security controls, practices, and common security flaws.
- Experience identifying and resolving security issues through code review and dynamic testing
- Excellent written and verbal communication skills.
- Experience with OWASP, static/dynamic analysis, and common security tools.
- Ability to work independently, manage workload, and meet deadlines
- Strong experience working closely with developers.
For the right candidate, we'll offer a competitive salary plus equity. Your compensation is rounded out by a strong benefits package:
- Flexible work hours, with work-from-home options available
- Three weeks of paid leave per year, an additional two weeks of sick time, plus extended holidays and team-approved leave
- Ten days of 100% subsidized childcare per year
- Healthcare, vision, and dental insurance plans (HMO or PPO), with voluntary add-ons available for dependent care, life, and accident coverage
- Commuter benefit available for public transit or parking
Most importantly, you'll be doing important work with a team of people you'll genuinely enjoy spending the day with.
PathAI is an equal opportunity employer, dedicated to creating a workplace that is free of harassment and discrimination. We base our employment decisions on business needs, job requirements, and qualifications — that's all. We do not discriminate based on race, gender, religion, health, personal beliefs, age, family or parental status, or any other status. We don't tolerate any kind of discrimination or bias, and we are looking for teammates who feel the same way.
PathAI does not accept unsolicited submissions from third-parties.