Ruby on Rails (regular)
Information Security (advanced)
About the role
Physitrack, founded in 2012, is a digital healthcare company and the provider of a solution for patient engagement that encompasses clinical home exercise and education prescription, outcomes tracking and Telehealth for physical rehabilitation and prevention.
Physitrack was born out of a desire to create a more effective way to prescribe exercise programs, as well as improve patient outcomes and reduce unnecessary wastage in healthcare systems around the world.
Physitrack is used by 100,000+ healthcare professionals in 102 countries, including physical therapists, MDs, surgical specialists, exercise physiologists and chiropractors in public and private healthcare.
Physitrack has been a key part of Apple’s Mobility Partner Program since 2015.
We are looking for passionate security engineer willing to take ownership of the security process and tools for their teams.
The main responsibilities of this role are to help a team deliver high-quality software taking security considerations into account and providing guidance to backend, frontend and mobile teams.
To excel at this role, you need to be passionate about DevSecOps. Knowledge about cloud platform security practices and interest in developing security tooling are important as well.
You will have a chance to develop security-oriented tools and processes from conception to completion.
What you’ll be doing
Working closely with developers, acting as a Subject Matter Expert in security threats, vulnerabilities, risks & controls.
Working independently and collaboratively with a development team to support their activities.
Taking ownership of the security side of our AWS infrastructure, Ruby on Rails application as well as iOS and Android apps.
Support the teams with ongoing security risk assessments of new and in-flight projects.
Proactively test the security posture and guide the remediation work for identified application security risks and vulnerabilities.
Identify opportunities for vulnerability remediation and mitigation
Develop tools, documentation, processes, and techniques to ensure the security of our software
Share your experience with the organization to foster a culture of excellence
What you bring to the role
Track record of application security testing, and analysis in modern development environments.
Hands-on software engineering experience, proficiency with at least one scripting / programming language.
Experience with AWS-hosted applications
In-depth knowledge of OWASP guidelines
Familiarity with concepts like Identity, Data protection, Monitoring, and IR in the cloud services space
Solid knowledge of security testing tools and techniques
Being a strong communicator (in English) who is comfortable working cross-functionally, with a track record of delivering results and demonstrating strong ownership.
Experience as a hands-on developer in Ruby or DevOps role
Prior engagement in security efforts for mobile applications
What we offer
Full ownership of the projects you work on.
Proper work-life balance
Flexible work hours in a distributed, remote-first engineering team
Async work with as few meetings through the week as possible
Small, just forming team
What you will be doing will have a real impact on customers’ health and life.
Teams of passionate people who love what they do.
Exciting projects, the ability to implement your own ideas and improvements.
Opportunity to learn and grow.
All teammates get 20 days of regular PTO
Regular team retreats in some amazing locations around the world
Interested? Apply now, or email us any questions! You can reach out directly to the hiring manager for this role