Senior Security Engineer
We are a 150+ person team funded by top-tier firms, based in Santa Monica, CA with satellite offices in San Francisco. We are a low-key but tight-knit group of hard-working people working to fix America's broken healthcare system. Americans spend over $400 billion per year on prescriptions and too many people simply can't afford the medications they desperately need. Join GoodRx and help us solve meaningful problems that help us make people’s lives better every day.
About the Role
GoodRx is looking for a hands-on Senior Security Engineer to keep information safe and eliminate risks across our products and internal systems. This individual will collaborate with GoodRx’s Director of Security Engineer and engineering teams to ensure our services are well vetted and maintained. The Sr. Security Engineer will be technically savvy, a strong multitasker and be one step ahead to ensure consistent coverage and eliminate any room for vulnerabilities.
Responsibilities:
- Design and develop security testing scenarios and perform ongoing security testing and code review to improve our security posture.
- Maintain our security monitoring solutions and make changes when needed to improve visibility and relevancy of alerting
- Serve as the security expert and communicate information security-related concepts to technical and non-technical team members
- Help design and implement an enterprise wide Identity Access Management (IAM) solution.
- Conduct research on emerging products, services, and standards in support of security enhancement and development efforts
- Help oversee the organizations bug bounty program and work with independent security researchers as needed
- Work directly developers and product managers to help define security requirements for new projects and products
Skills & Qualifications:
- Knowledge and experience complying with various security standards and best practices, particularly related to high traffic consumer facing websites
- Expert technical knowledge of database and Linux operating system security
- Minimum 5 years' experience in the field of application security.
- Minimum 3 years’ experience with Amazon Web Services products and services. (EC2, S3,RDS, Macie, Lambda, etc.)
- Degree in Computer Science or equivalent experience
- Development experience with Python and JavaScript is preferred
- Red/Blue team or relevant experience with modern penetration testing tools
- Experience with PCI / SOX / SOC-2 / HIPAA audits a plus.
- Strong knowledge of web application design, development and testing techniques
- Strong capacity for debugging web application and security issues
- You enjoy researching the latest IT security trends
- Strong problem solving and creative skills and the ability to exercise sound judgment and make decisions based on accurate and timely analyses
About GoodRx
GoodRx is America’s leading prescription price transparency platform. More than 8 million people use the GoodRx website and our mobile apps each month. GoodRx helps consumers save up to 80% on their medications by delivering prices and available discounts at nearly every pharmacy in the U.S. Thousands of physicians and employees use GoodRx, and its services have been positively reviewed by Good Morning America, the American Heart Association, The New York Times, ABC News, AARP, Forbes and many others.