At Eye Care Leaders, we're dedicated to equipping clinicians with innovative, secure technology, enabling them to focus on delivering life-changing care to every patient. By joining our team, you'll be at the heart of this mission, helping us continuously improve our offerings to enhance the experiences of both patients and practices.
We are a remote-first company with no physical offices, allowing our employees the flexibility to work from anywhere. Every Eye Care Leaders employee is part of a global community, where a vital support network ensures everyone feels heard and valued. Our team is driven by core values: Customer Centricity, Excellence in Execution, and Teamwork.
We believe that our work has a profound impact on society. Better eye care leads to a healthier, happier population, and our values keep us aligned with this larger vision.
Job Description:As a Lead Application Security Engineer, you will be an AppSec SME in Eye Care Leaders' product development and information security teams. In this role, you will shape the application security posture of the entire Eye Care Leaders business, from its products and cloud services to the people and infrastructure. Your responsibilities include but are not limited to evolving and executing Eye Care Leaders' Secure Development Lifecycle, defining and operationalizing security and privacy standards, performing threat models and security assessments, providing training and deep guidance on remediation and security best practices.
ResponsibilitiesWork with Engineers, Product Managers, and Designers at the earliest planning and design phases.Implement automated security testing across the software development lifecycle.Conduct penetration tests and security reviews for core applications and APIs.Collaborate and advise engineering teams on building authentication, authorization, and encryption solutions.Develop tools to test, monitor, and enforce security across our applications.Coordinate with external security researchers testing our application.Guide a team of developers focused on application security for enterprise applications as well as public facing digital solutions.Conduct dynamic scans and work with development teams to resolve security vulnerabilities uncovered via Static Scans, Software Composition Analysis, Dynamic Scans, and Code Reviews.Establish and govern security best-practices for developers.Update and communicate documentation on secure coding practices to the larger development organization.Establish metrics and reporting for application security risks based on standards.RequirementsBachelor's degree in Information Security, Computer Science or related field or equivalent work experience.Preferred certifications: OSCP, OSCE, CEH.5+ years of experience in Application Security Practice.Extensive hands-on working experience with BurpSuite Pro, SonarQube, Lint, Dependency Track, ZAP, and Kali Linux.Extensive working knowledge in Source Code Review, Penetration Testing, Security Testing or Vulnerability Assessment and Threat Modeling.Good working experience with OWASP Top 10 for web and APIs, ASVS, and CWE Top 25.Ability to identify risks in code, applications, software architecture, and internal development processes.Experience with Web 2.0 technologies such as PHP, JavaScript, GWT, AJAX, jQuery, Sencha GXT, Sencha ExtJS and React/AngularJS is a strong plus.Good Analytical, Communication, Presentation and Documentation skills.Global Benefits at Eye Care LeadersWe believe that healthy and happy employees are more productive and better equipped to serve our customers. With this in mind, we offer a generous benefits package to all employees.
From flexible schedules and paid time off to comprehensive health and retirement plans, our benefits are designed to support your well-being. Specific benefits vary by country and can be discussed with our HR team.
Apply Now
Become a part of our mission to transform eye care and improve lives. Apply today and help us make a difference.
#J-18808-Ljbffr
