Your role at Vim as an Application Security Expert:

Vim's mission is to power affordable, high quality health care through seamless connectivity. We're a technology company that builds digital infrastructure for US health care. Health plans, patients, and medical providers of every size – from independent practitioners to integrated delivery systems – use our software to connect data and care across the health system.

What you will do:

As an application security expert, you’ll provide guidance and lead our Secure SDLC program. Among those responsibilities:

• Provide guidance on prioritization and remediation of security issues.
• Provide guidance on secure SDLC implementation.
• Assess the risks of new initiatives and features.
• Mentor development teams through training, brown bags, and hackathons.
• Assess the application design and architecture against security best practices.
• Perform threat modeling of new and existing applications.
• Conduct manual security assessments against web applications and APIs.

What we are looking for:

• 5+ years of relevant experience
• Experience with application security and hands-on penetration testing
• Experience in application development with at least one modern programming language.
• Knowledge of OWASP
• Knowledge of DevOps and DevSecOps practices (including CICD security controls)
• Experience performing code reviews
• Knowledge of web application architectures
• Knowledge of threat modeling
• Cloud technology, specifically AWS

About us: We are headquartered in San Francisco, with R&D in Tel Aviv, and are backed by Sequoia, GreatPoint Ventures, Optum Ventures, and large BCBS payers. Our customers include health plans and physician-led healthcare systems.

By inputting your information and clicking “Submit Application”, you acknowledge that you have read and agree to Vim’s Candidate Privacy Notice.