Doximity

Infrastructure Security Engineer

Remote San Francisco, CA
USD 135k - 190k
Puppet Python Ruby Go AWS Chef Shell Vue.js MySQL Spark Kubernetes Bash JavaScript Ansible Terraform
This job is closed!
Description

Doximity is transforming the healthcare industry. Join our mission to help every physician be more productive and provide better care for their patients. As medicine's largest network in the United States, there's an elevated level of responsibility in everything we do. We don't take that responsibility lightly and are committed to building diverse teams with an inclusive culture that can make a direct impact on the healthcare system.

One of Doximity's core values is stretching ourselves. Even if you don't check off all the boxes below, we encourage you to apply. Doximity is full of exceptional people who bring their own unique experiences to work every day and make us all better for it!

 

We are looking for an experienced DevOps engineer to join our growing Infrastructure and Application Security team. You will contribute to and own security efforts for our entire application and infrastructure stack, as well as support and build products, alongside our 300+ person engineering team, that are used by millions of medical professionals.

This role can be filled in our San Francisco Headquarters or remotely in the U.S.

How you’ll make an impact:

  • Help maintain our private security bug bounty program hosted on HackerOne: this involves engaging security researchers, validating security findings, determining impact/risk, awarding bounties, and fixing or coordinating remediation efforts.
  • Develop, schedule, and execute automated security audits on infrastructure using industry-standard security frameworks and tooling.
  • Help set good security posture; this includes finding bad security habits and encapsulating good secure defaults into libraries/modules with tools such as Ansible, Chef, Terraform, Helm charts, ArgoCD, Kubernetes, etc. that other teams will leverage.
  • Write and perform penetration tests for applications and infrastructure.
  • Active participation in design, implementation, and maintenance of the development, staging, and production infrastructure and application security.
  • Work on automating tasks using tools such as Terraform, Ansible, Chef (legacy), Kubernetes, etc.
  • Analyze HTTP traffic to create and update WAF rules to reduce the effectiveness of malicious bots, scrapers, and attackers.
  • Lead security/policy related audits such as SOC2 Type II.
  • Work with key stakeholders to document existing security policies and create new ones.
  • Remediate and write post-mortem reports on security-related issues.
  • Work with developers to deploy applications ready for production in a secure manner.
  • Perform threat hunting on a regular basis.
  • Create security observability using a variety of tools such as SIEM, CSPM, IDS, etc.
  • Hands-on maintenance on our Ruby on Rails and Go (Golang) applications.
  • Troubleshoot issues across the whole stack: hardware, software, and network.
  • Periodically audit and rotate access credentials.
  • Work with IT as an escalation point on behalf of sales and client services teams to answer application or infrastructure-related security questions and concerns that clients inquire about.

What we’re looking for:

  • A “Hacker Mindset”
  • Minimum of 5 years of Linux/UNIX systems engineer & administrator experience.
  • Minimum of 2 years of relevant web application or infrastructure security experience. It does not need to be a security-specific position. The most important thing is passion/desire for security.
  • Extensive AWS experience
  • Automation experience with configuration and resource management tools such as Terraform (preferred), Ansible, Chef, Puppet, or CloudFormation.
  • Proficient in Bash shell scripting and one of Ruby, Python, or Golang.
  • Experience with CI and CD using tools such as GitHub Actions, Atlantis, Jenkins, CircleCI, RSpec, Serverspec, InSpec, Test Kitchen, etc.
  • Ability to work in a proactive manner.

Nice to haves

  • Experience writing application and/or security penetration tests with an open source framework.
  • Intermediate to advanced experience administering and securing an RDB.
  • Experience with Kubernetes (or other schedulers), Grafana, Prometheus.

Additional Role Expectations

  • You’ll be asked to maintain a minimum of 5 hours overlap with 9:30 to 5:30 PM Pacific time.
  • Participate in a 1-week on and 5 weeks off, 24/7 on-call rotation.
  • Travel to company offsites once/quarter is expected.

Compensation

The US total compensation range for this full-time position is $135,000 - $190,000 (inclusive of salary + equity). Our ranges are determined by role and level. The range displayed on each job posting reflects the approximate total target compensation for the position across the US. Within the range, individual pay is determined by factors including relevant skills, experience, and education/training. Please note that the compensation listed does not include benefits.

More on Benefits & Perks

Doximity is proud to offer industry-leading benefits. Some of our offerings include: 

  • Medical, dental, vision offerings for you and your family
  • 401k with matching program
  • Employee stock purchase plan
  • Family planning support, Childcare FSA, and parental leave
  • Life, AD&D, and Disability
  • Generous time off, holidays and paid company trips
  • Wellness benefits…plus many more!

About Doximity

 

More About Doximity…

For the past decade, it’s been our mission to help every physician be more productive so they can provide better care for their patients. We believe that when doctors are connected, the healthcare system works better and patients benefit. Doximity enables our verified clinician members to collaborate with colleagues, stay up-to-date with the latest medical news and research, manage their careers, and conduct virtual patient visits. Today, Doximity is the leading digital platform for U.S. medical professionals, with over 80% of physicians, 50% of all nurse practitioners and physician assistants, and 90% of graduating medical students as members. 

Joining Doximity means being part of an incredibly talented and humble team passionate about improving inefficiencies in our $4.3 trillion U.S. healthcare system. We are a team of doers who solve problems every day by treating obstacles like an adventure, and we love creating technology that has a real, meaningful impact on people’s lives. Doxers are committed to working towards a more equitable world both within and beyond our office walls. This starts by fostering an inclusive and diverse work environment where differences are valued and all employees are encouraged to bring their full, authentic selves to work daily. To learn more about our team, culture, and users, check out our careers page, company blog, and engineering blog. We’re growing fast, and there’s plenty of opportunity for you to make an impact. Join us! For more information, visit Doximity.com.

____________________________________________

EEOC Statement

Doximity is proud to be an equal opportunity employer, and committed to providing employment opportunities regardless of race, religious creed, color, national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex, gender, gender identity, gender expression, pregnancy, childbirth and breastfeeding, age, sexual orientation, military or veteran status, or any other protected classification. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law.
