Security Engineer in Bucuresti

Mobile (junior) Ruby on Rails (regular) AWS (regular) Information Security (advanced) Cybersecurity (advanced) About the role Physitrack, founded in 2012, is a digital healthcare company and the provider of a solution for patient engagement that encompasses clinical home exercise and education prescription, outcomes tracking and Telehealth for physical rehabilitation and prevention. Physitrack was born out of a desire to create a more effective way to prescribe exercise programs, as well as improve patient outcomes and reduce unnecessary wastage in healthcare systems around the world. Physitrack is used by 100,000+ healthcare professionals in 102 countries, including physical therapists, MDs, surgical specialists, exercise physiologists and chiropractors in public and private healthcare. Physitrack has been a key part of Apple’s Mobility Partner Program since 2015. We are looking for passionate security engineer willing to take ownership of the security process and tools for their teams. The main responsibilities of this role are to help a team deliver high-quality software taking security considerations into account and providing guidance to backend, frontend and mobile teams. To excel at this role, you need to be passionate about DevSecOps. Knowledge about cloud platform security practices and interest in developing security tooling are important as well. You will have a chance to develop security-oriented tools and processes from conception to completion. What you’ll be doingWorking closely with developers, acting as a Subject Matter Expert in security threats, vulnerabilities, risks & controls.Working independently and collaboratively with a development team to support their activities.Taking ownership of the security side of our AWS infrastructure, Ruby on Rails application as well as iOS and Android apps.Support the teams with ongoing security risk assessments of new and in-flight projects.Proactively test the security posture and guide the remediation work for identified application security risks and vulnerabilities.Identify opportunities for vulnerability remediation and mitigationDevelop tools, documentation, processes, and techniques to ensure the security of our softwareShare your experience with the organization to foster a culture of excellence What you bring to the roleTrack record of application security testing, and analysis in modern development environments.Hands-on software engineering experience, proficiency with at least one scripting/programming language.Experience with AWS-hosted applicationsIn-depth knowledge of OWASP guidelinesFamiliarity with concepts like Identity, Data protection, Monitoring, and IR in the cloud services spaceSolid knowledge of security testing tools and techniquesBeing a strong communicator (in English) who is comfortable working cross-functionally, with a track record of delivering results and demonstrating strong ownership. Bonus pointsExperience as a hands-on developer in Ruby or DevOps rolePrior engagement in security efforts for mobile applications What we offerFull ownership of the projects you work on.Proper work-life balanceFlexible work hours in a distributed, remote-first engineering teamAsync work with as few meetings through the week as possibleSmall, just forming teamWhat you will be doing will have a real impact on customers’ health and life.Teams of passionate people who love what they do.Exciting projects, the ability to implement your own ideas and improvements.Opportunity to learn and grow.All teammates get 20 days of regular PTORegular team retreats in some amazing locations around the worldModern hardware Interested? Apply now, or email us any questions! You can reach out directly to the hiring manager for this role