Application Security Engineer

Application Security Engineer- TLV

The Gist

Vim is the fastest growing middleware platform transforming healthcare. Experience the power of seamless data exchange and collaboration among Doctors,Insurance, tech companies, and more. Our platform enhances clinical workflows at the point of care, empowering organizations to improve performance, achieve operational efficiencies, and drive innovation. Seize the opportunity to be at the forefront of healthcare transformation with Vim!

What we are doing at Vim

Vim has built a next-generation clinical workflow integration technology that is fostering connectivity across the healthcare ecosystem. Our proven Core Application suite for diagnosis gaps, care gaps, referrals, medication recommendations, data exchange and more has paved the way for us to unlock accelerated healthcare innovation through our new developer platform.

The Role

The ideal candidate will have a strong background in application security, coupled with expertise in product security, infrastructure management, and DevOps practices.

You should be comfortable wearing multiple hats and thrive in a fast-paced, collaborative environment.

Pioneer new approaches to application security, including leveraging AI for advanced automations and process optimizations.

If you're ready to push the boundaries of application security and contribute to a culture of uncompromising quality, we want you on our team.

Join us in our relentless pursuit of robust security and a continuously hardening application landscape.

What you will do

• Conduct internal penetration testing against Vim’s applications and APIs.
• Design, build, and implement the Secure SDLC process, integrating security into all stages of the software development lifecycle.
• Evaluate product design and architecture against security best practices, offering guidance on prioritization and remediation.
• Build and automate security testing as part of Vim’s CICD pipeline and cloud environments based on automation workflows leveraging AI.
• Develop and lead projects, implementing various security tools and technologies, such as: AI agents context-aware, SAST, SCA, vulnerability scanners, and Kubernetes (K8s) security tooling.
• Mentor development teams through training and hackathons.
• Support security incident response in a cross-functional environment

Who we are looking for

• 3+ years of relevant experience
• Experience with application security and hands-on penetration testing
• Experience in application development with at least one modern programming language.
• Experience performing code reviews
• Expertise in security tools and processes, including SAST, DAST, SCA, vulnerability scanners, and Kubernetes security tooling.
• Knowledge of DevOps and DevSecOps practices
• Knowledge of web application architectures
• Knowledge of threat modeling
• Strong self-driven learning abilities, staying current with industry trends and technologies

What is Nice to Have

• Offensive Security Certifications such as OSCP, AWAE, OSCE
• Relevant certifications and knowledge in cloud such as: AWS, Azure, CISSP, CCSK, Kubernetes (K8s).
• Knowledge of security frameworks, regulations, and standards such as HITRUST, HIPAA, and SOC2.
• Experience with CTFs and/or bug bounties

Vim’s Culture

Our employees are go-getters and bring "Vim and Vigor" to their everyday work life; they are expected to ask bold questions and work as a team towards the success of the company. We prioritize employee satisfaction through a comprehensive range of benefits designed to enhance work-life integration and foster a positive culture.

• We believe in investing in our team's future, offering an enticing option plan that aligns their success with the company's growth
• We embrace the hybrid work model, and offer the flexibility of working several days from home, ensuring comfort and productivity 
• Our dog-friendly policy recognizes the importance of furry companions in our lives.
• Regular happy hours provide opportunities for socializing and team bonding, while company-wide breakfasts encourage camaraderie and collaboration
• At Vim we also provide flexible days off, our employees can manage their schedules according to personal needs, promoting overall well-being.
• We embrace a growth mindset, and encourage continuous learning and development, empowering employees to reach their full potential both personally and professionally