Senior Security Engineer
At GoodRx, we believe that all Americans should have access to convenient and affordable healthcare. As a nation, we spend about $3.5 trillion annually on our healthcare, but too many Americans don't get the care they need, and prices just keep rising. We started with prescriptions, and we've helped over 100 million Americans save over $15 billion to date. Now, we're aiming to tackle all of healthcare. GoodRx is a profitable business funded by top-tier investors; we're based in Santa Monica with additional offices around the country. We're a low-key and tight-knit group that likes to find new ways to fix problems. If you share our belief that you can do well by doing good, let's talk.
About the Role
GoodRx is looking for a hands-on Senior Security Engineer to keep information safe and eliminate risks across our products and internal systems. This individual will collaborate with GoodRx’s Vice President of Security Engineering and engineering teams to ensure our services are well vetted and maintained. The Sr. Security Engineer will be technically savvy, a strong multitasker and be one step ahead to ensure consistent coverage and eliminate any room for vulnerabilities.
Responsibilities:
- Design and develop security testing scenarios and perform ongoing security testing and code review to improve our security posture
- Maintain our security monitoring solutions and make changes when needed to improve visibility and relevancy of alerting
- Serve as the security expert and communicate information security-related concepts to technical and non-technical team members
- Conduct research on emerging products, services, and standards in support of security enhancement and development efforts
- Help oversee the organizations bug bounty program and work with independent security researchers as needed
- Work directly developers and product managers to help define security requirements for new projects and products
Skills & Qualifications:
- Degree in Computer Science or equivalent experience
- Minimum 5 years experience in the field of application security
- Minimum 3 years experience with Amazon Web Services products and services
- Knowledge and experience complying with various security standards and best practices, particularly related to high traffic consumer facing websites
- Expert technical knowledge of database and Linux operating system security
- Development experience with Python and JavaScript is preferred
- Red/Blue team or relevant experience with modern penetration testing tools
- Strong knowledge of web application design, development and testing techniques
- Strong problem solving and creative skills and the ability to exercise sound judgment and make decisions based on accurate and timely analyses
- You enjoy researching the latest IT security trends
- Experience with HIPAA / SOC-2 / PCI or CCPA a plus
About GoodRx
GoodRx is the country's leading marketplace for affordable and convenient healthcare. The company offers the most comprehensive and accurate resource for prescription medications in the U.S., gathering pricing information from thousands of pharmacies coast to coast. More than 12 million consumers use GoodRx each month to find current prices and discounts for their medications. Since 2011, Americans with and without health insurance have saved more than $15 billion using GoodRx – more than $5 billion in 2019 alone. With GoodRx Care, Americans can get an online medical visit with a skilled physician for fast and easy treatment, prescriptions, and lab tests for routine medical issues. GoodRx is the #1 medical app on the iOS and Android app stores and tens of thousands of doctors recommend GoodRx to their patients. For more information, visit www.goodrx.com.