Security Engineer

About us:
Oncora Medical is a fast-growing, venture-backed healthtech startup in Philadelphia, PA. We are building software that is revolutionizing the way doctors treat cancer. We integrate data from existing clinical software tools, train predictive models for patient outcomes, and present the information to cancer physicians through intuitive visualizations. By personalizing each patient's treatment with big data and machine learning, we help physicians make smarter, more confident decisions in less time.

About the role:
A software engineer or architect with a focus on security. You'll be responsible for implementing and monitoring security measures around our web application and network infrastructure on AWS. You will work with our small team of engineers and scientists to ensure that new and old code meets security requirements and that sensitive health data remains safe and secure. You'll also help maintain and improve company security procedures and help respond to security incidents if they should arise.

  • Implement and monitor security measures to protect software systems, networks, and sensitive information
  • Collaborate with colleagues on authentication, authorization, and encryption solutions
  • Configure and install firewalls and intrusion detection systems
  • Perform penetration testing, vulnerability scanning, risk analyses, and security assessments
  • Respond to and solve information security issues during each stage of a project’s lifecycle
  • Develop automation scripts to handle and track incidents
  • Define the security requirements of our software and communicate these requirements to the team
  • Implement and maintain company security policies and procedures

  • BS/MS in Computer Science or equivalent experience
  • Strong security-focused, full-stack engineering experience
  • Ideally you'll have specific experience deploying and maintaining a HIPAA-compliant web app
  • Experience operating in AWS or similar cloud architectures
  • Excellent understanding of encryption, signing, authentication schemes, and protocols
  • Good technical knowledge of TLS and PKI
  • Experience with Linux security, permission system, and namespaces
  • Understanding of token, certificate, JWT, and OAuth authentication
  • Knowledge of common web application vulnerabilities (OWASP)
  • Ideally you'll have prior experience using tools like Terraform/Cloudformation and SaltStack/Ansible/Puppet/Chef for infrastructure automation
  • Tendency to seek simple, elegant solutions to complex problems

Sorry, we do not offer visa sponsorships at this time.

Compensation, Benefits, and Perks:
  • Salary: $100-150k, plus stock options
  • 401k (no match currently)
  • Group health and dental insurance
  • Open vacation policy
  • Allowances: eBooks, online courses, workstation setup
  • Gym membership 
  • Events: happy hours, team dinners, conversations with oncologists
  • You get to work with smart, passionate people on a product that will have a direct impact on the quality of life for cancer patients
Oncora Medical is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, age, sex, religious creed, disability, ancestry, national origin, sexual orientation, gender identity, or gender expression.

Want to apply later?

Type your email address below to receive a reminder

ErrorRequired field

Apply to Job

ErrorRequired field
ErrorRequired field
ErrorRequired field