Sr. Application Security Engineer at Quartet Health
Quartet is a platform that makes it easier for people to get the best mental health care for them. Our technology and services reach people who need care, connect them to the right care, track the quality of their care, and support their care journeys. Backed by $160.5MM in venture funding from top investors like Oak HC/FT, GV (formerly Google Ventures), F-Prime Capital Partners, Polaris Partners, Deerfield Management, Centene Corporation, and Echo Health Ventures, Quartet partners with health insurance plans and health systems in 32 states across the country to help people get the care they need.
We are deeply committed to growing a diverse team and an equitable and inclusive culture where all Quartetians are empowered to be themselves and do their best work. We know this is vital in realizing our mission to improve the lives of people with mental health conditions. As part of our commitment to building a diverse team, we have signed the Parity Pledge and actively encourage applicants of all backgrounds to apply.
About the team & Opportunity: You will be part of our growing security team at Quartet Health. You will be tasked with the build-out of Quartet's security infrastructure, with a focus on automation, and eventually your focus will shift to day-to-day operations and break/fix.
- Design, test, and deploy various security solutions for Quartet’s internal and external systems
- Implement effective methods in anomaly-based attack detection / prevention and attack surface reduction
- Automate the static code analysis (SCA) process to detect security vulnerabilities before code is deployed
- Promote secure coding practices within the application development teams
- Work on improvement of existing tools and development of new tools
Qualifications - Minimum
- 3+ years working as a Security Analyst, Security Engineer (or comparable role), preferably in an AWS environment
- Experience with any of the following areas of compliance: (HIPAA, NIST 800-171, HITRUST)
- You are adept at using scripting languages to automate tasks (Python, AWK, Nodejs)
- You understand modern web application architecture (MVC using React / Angular) and how to secure it (OWASP)
- Have a solid understanding of common networking protocols and operations engineering (specifically MacOS and popular Linux variants)
Qualifications - Preferred
- Familiarity with Open Source security tools (e.g. ELK stack) and common network services (LDAP, DNS, NTP, etc.)
- Familiarity with the following security domains: Incident Management/Forensics (primarily MacOS and Linux Ubuntu); Vulnerability Management (Tenable, Amazon Web-Services integrations); Application Security:Web-app security scanners (Burp Suite, Netsparker), Auditing code for vulnerabilities;
- Knowledge of security standards, principles, techniques, and technologies (OWASP, ISO27001, NIST 800-53, Common Criteria TSPs etc.)
Employee Benefits for Quartet include: Unlimited vacation, volunteer opportunities, team events, mental healthcare coverage of 15 free therapy sessions + unlimited copay reimbursements, medical, dental + vision coverage, generous parental and military leave, commuter benefits, 401K, and stock option grants.
Want to know what Quartet life is like? Click here to meet our team.
Quartet actively encourages applicants of all backgrounds to apply and is proud to be an equal opportunity employer. We do not discriminate on the basis of race, color, ancestry, religion, national origin, sexual orientation, age, citizenship, marital or family status, disability, gender, gender identity or expression, pregnancy or caregiver status, veteran status, or any other legally protected status. To perform this job successfully, an individual must be able to perform essential job duties - reasonable accommodations may be made to enable qualified individuals with disabilities to perform essential job functions. If you require assistance in completing this application, interviewing, or otherwise participating in the employee selection process, please direct your inquiries to [email protected]
Please note: Quartet interview requests and job offers only originate from quartethealth.com email addresses (e.g. [email protected]). Quartet will also never ask for bank information (e.g. account and routing number), social security numbers, passwords, or other sensitive information to be delivered via email. If you receive a scam email or wish to report a security issue involving Quartet, please notify us at: [email protected]
Have someone to refer? Email [email protected] to submit their details to us.