Application Security Engineer

Application Security Engineer TLV The Gist Vim is the fastest growing middleware platform transforming healthcare. Experience the power of seamless data exchange and collaboration among Doctors,Insurance, tech companies, and more. Our platform enhances clinical workflows at the point of care, empowering organizations to improve performance, achieve operational efficiencies, and drive innovation. Seize the opportunity to be at the forefront of healthcare transformation with Vim! What we are doing at Vim Vim has built a next-generation clinical workflow integration technology that is fostering connectivity across the healthcare ecosystem. Our proven Core Application suite for diagnosis gaps, care gaps, referrals, medication recommendations, data exchange and more has paved the way for us to unlock accelerated healthcare innovation through our new developer platform (Canvas) . Healthcare and technology builders of all sizes, including national health plans, leading Management Services Organizations (MSOs), value-based care enablers, and tech companies, use Vim's platform to connect with over 6,000 care provider organizations. Through these connections, builders can equip care providers with the tools and resources they need to focus on their mission: providing exceptional care to each and every patient. Don’t miss the opportunity to join Vim and influence the future of healthcare delivery. The Role The ideal candidate will have a strong background in application security, coupled with expertise in product security, infrastructure management, and DevOps practices. You should be comfortable wearing multiple hats and thrive in a fast-paced, collaborative environment. Pioneer new approaches to application security, including leveraging AI for advanced automations and process optimizations. If you're ready to push the boundaries of application security and contribute to a culture of uncompromising quality, we want you on our team. Join us in our relentless pursuit of robust security and a continuously hardening application landscape. What you will do Conduct internal penetration testing against Vim’s applications and APIs. Design, build, and implement the Secure SDLC process, integrating security into all stages of the software development lifecycle. Evaluate product design and architecture against security best practices, offering guidance on prioritization and remediation. Build and automate security testing as part of Vim’s CICD pipeline and cloud environments based on automation workflows leveraging AI. Develop and lead projects, implementing various security tools and technologies, such as: AI agents context-aware, SAST, SCA, vulnerability scanners, and Kubernetes (K8s) security tooling. Mentor development teams through training and hackathons. Support security incident response in a cross-functional environment Who we are looking for 3+ years of relevant experience Experience with application security and hands-on penetration testing Experience in application development with at least one modern programming language. Experience performing code reviews Expertise in security tools and processes, including SAST, DAST, SCA, vulnerability scanners, and Kubernetes security tooling. Knowledge of DevOps and DevSecOps practices Knowledge of web application architectures Knowledge of threat modeling Strong self-driven learning abilities, staying current with industry trends and technologies What is Nice to Have Offensive Security Certifications such as OSCP, AWAE, OSCE Relevant certifications and knowledge in cloud such as: AWS, Azure, CISSP, CCSK, Kubernetes (K8s). Knowledge of security frameworks, regulations, and standards such as HITRUST, HIPAA, and SOC2. Experience with CTFs and/or bug bounties Vim’s Culture Our employees are go-getters and bring "Vim and Vigor" to their everyday work life; they are expected to ask bold questions and work as a team towards the success of the company. We prioritize employee satisfaction through a comprehensive range of benefits designed to enhance work-life integration and foster a positive culture. We believe in investing in our team's future, offering an enticing option plan that aligns their success with the company's growth We embrace the hybrid work model, and offer the flexibility of working several days from home, ensuring comfort and productivity Our dog-friendly policy recognizes the importance of furry companions in our lives. Regular happy hours provide opportunities for socializing and team bonding, while company-wide breakfasts encourage camaraderie and collaboration At Vim we also provide flexible days off, our employees can manage their schedules according to personal needs, promoting overall well-being. We embrace a growth mindset, and encourage continuous learning and development, empowering employees to reach their full potential both personally and professionally By inputting your information and clicking “Submit Application”, you acknowledge that you have read and agree to Vim’s Candidate Privacy Notice .