Application Security Engineer

Application Security Engineer 

TLV

The Gist 

Vim is one of the fastest-growing healthtech companies, building the technology that connects every part of the healthcare ecosystem. We're solving one of the toughest problems in healthcare: how to make systems, apps, and data truly interoperable.

Our platform enables real-time collaboration between doctors and innovators, with secure data exchange and workflow integrations that happen directly inside clinical systems. In simple terms: we help healthcare work better. By streamlining workflows and reducing complexity, we help organizations focus on what really matters - delivering better care for patients.

At the heart of our platform is Vim Connect, a connectivity layer that links healthcare applications to patient healthcare management systems providers use in real time. It's designed for scale, reliability, and developer experience, powering millions of data interactions every day.

With our recently launched developer platform, we're expanding that capability to innovators everywhere, making it possible to build healthcare applications that plug directly into real-world clinical workflows. Our team leads the way in designing, architecting, and scaling these products, experimenting fast, shipping with impact, and shaping the future of healthcare connectivity.

The Role

The ideal candidate will have a strong background in application security, coupled with expertise in product security, infrastructure management, and DevOps practices. 
You should be comfortable wearing multiple hats and thrive in a fast-paced, collaborative environment.
Pioneer new approaches to application security, including leveraging AI for advanced automations and process optimizations.
If you're ready to push the boundaries of application security and contribute to a culture of uncompromising quality, we want you on our team. 
Join us in our relentless pursuit of robust security and a continuously hardening application landscape.

What you will do 

• Conduct internal penetration testing against Vim's applications and APIs.
• Design, build, and implement the Secure SDLC process, integrating security into all stages of the software development lifecycle.
• Evaluate product design and architecture against security best practices, offering guidance on prioritization and remediation.
• Build and automate security testing as part of Vim's CICD pipeline and cloud environments based on automation workflows leveraging AI.
• Develop and lead projects, implementing various security tools and technologies, such as: AI agents context-aware, SAST, SCA, vulnerability scanners, and Kubernetes (K8s) security tooling.
• Mentor development teams through training and hackathons.
• Support security incident response in a cross-functional environment

Who we are looking for 

• 3+ years of relevant experience
• Experience with application security and hands-on penetration testing
• Experience in application development with at least one modern programming language.
• Experience performing code reviews
• Expertise in security tools and processes, including SAST, DAST, SCA, vulnerability scanners, and Kubernetes security tooling.
• Knowledge of DevOps and DevSecOps practices 
• Knowledge of web application architectures
• Knowledge of threat modeling
• Strong self-driven learning abilities, staying current with industry trends and technologies

What is Nice to Have

• Offensive Security Certifications such as OSCP, AWAE, OSCE
• Relevant certifications and knowledge in cloud such as: AWS, Azure, CISSP, CCSK, Kubernetes (K8s).
• Knowledge of security frameworks, regulations, and standards such as HITRUST, HIPAA, and SOC2.
• Experience with CTFs and/or bug bounties

Vim's Culture

Our employees are go-getters and bring "Vim and Vigor" to their everyday work life; they are expected to ask bold questions and work as a team towards the success of the company. We prioritize employee satisfaction through a comprehensive range of benefits designed to enhance work-life integration and foster a positive culture.

• We believe in investing in our team's future, offering an enticing option plan that aligns their success with the company's growth
• We embrace the hybrid work model, and offer the flexibility of working several days from home, ensuring comfort and productivity  
• Our dog-friendly policy recognizes the importance of furry companions in our lives. 
• Regular happy hours provide opportunities for socializing and team bonding, while company-wide breakfasts encourage camaraderie and collaboration
• At Vim we also provide flexible days off, our employees can manage their schedules according to personal needs, promoting overall well-being. 
• We embrace a growth mindset, and encourage continuous learning and development, empowering employees to reach their full potential both personally and professionally

By inputting your information and clicking "Submit Application", you acknowledge that you have read and agree to Vim's Candidate Privacy Notice.