About Lively
Lively set out to raise the bar on benefit solutions, because we believe no one should have to sacrifice personal wellness for financial wellness. While traditional benefits focus more on transactions and less on the humans using them, Lively harnesses user-centric design and innovative technology to deliver an effortless experience for employers and account holders alike. Our modern HSA is consistently top-rated, and we have since expanded our offerings to provide a full suite of other benefits and services for companies, consumers, and financial institutions.
Lively is a remote-first company, headquartered in San Francisco with employees across the US. Come join us and help make getting the value out of your benefits as simple as it should be.
About the Role
We are looking for a Senior Software Engineer to focus on security. As an integral member of the engineering team, you will participate in further securing our investment and financial products. Our customers trust us with a lot: integrating seamlessly across financial institutions, moving funds, tracking balances, helping with their healthcare decisions, and critically: keeping their data secure. In order to take on this mission we’re building our applications on modern web technologies around HTML/CSS/Javascript/React, Node.js/Typescript and PostgreSQL.
We're looking for an engineer who will focus on cryptography & hashing, access control patterns (ACLs, SSO, etc), adding additional SAST/DAST tests, monitoring for and patching new vulnerabilities, proactively seeking out existing vulnerabilities or antipatterns, participating in incident postmortems and RCAs, mentoring the rest of the engineering team on infosec best practices, reviewing high-risk changes to the codebase, and other infosec tasks. You'll work closely with the Head of Security and other team leads on large and small projects aimed at further improving the security of our web application.
Even though this position is based in Portugal, you will be working closely with US-based employees. You must be fluent in both written and spoken English.
Responsibilities
- Work to ensure Lively is constantly utilizing the most recent standards, tools, and tech to ensure proper defense in depth.
- Help the product and engineering org discover and mitigate information security risks for new products and features.
- Work with the Head of Security to further refine infosec policies and their controls.
- Identify and lead the secure design and implementation of new security initiatives and improvements to the existing web application.
- Opt for buy-in and understanding from stakeholders and teams when making decisions to help foster our open door approach to infosec.
- Help ensure our application is free of vulnerabilities by keeping third party dependencies patched.
- Help identify, investigate, and mitigate security incidents involving our web application.
- Assist with security incident postmortems and root cause analysis.
- Identify and model new and existing threats to our web application.
- Security mentorship and outreach to internal development teams.
- Review high-risk changes to the web application.
- Occasionally answer web application security questions from partners, auditors, and customers.
- Implement features and functionality with clean and maintainable code.
- Take pride in software quality through rigorous functional testing and writing automated unit tests.
- Troubleshoot production issues, provide resolutions and recommendations for improvement.
Skills & Experience
- 5+ years of experience working with information security and web applications (Node preferred).
- Bachelor's degree in computer science, or equivalent.
- Fluent in both written and spoken English, with strong communication skills.
- Experience and proficiency with information security frameworks and approaches like CIS and NIST.
- Familiarity with PKI, encryption, mutual TLS, cipher suites, and other network- and disk-level data protection protocols, tools, and configurations.
- Experience performing software security reviews and implementing security solutions at the business division level.
- Experience with application security best practices and familiarity with common vulnerabilities (e.g., SQLi, SSRF, race conditions, access controls, privilege escalations, etc.)
- Experience working in regulated industries which have various security controls implemented including strict change management is a plus.
- Strong knowledge in software design and familiarity with design patterns.
- Experienced with TypeScript, Javascript, and Node.js.
- Strong fundamental understanding of relational DataBase (Postgresql, Mysql).
- Strong debugging skills and not afraid of getting hands dirty in other areas.
- Strong product delivery records.
- Experience with Agile/Scrum development methodology.
- Proven experience on building backend services with high availability and scalability requirements.
- Someone who isn't afraid of responsibility, a good sense of humor and a down-to-earth personality.
This position is based in Portugal, and candidates are not eligible for the benefits or requirements below.
We encourage you to apply even if you do not meet all of the qualifications, but feel you would be a good fit for the position.
Benefits & Perks
We offer competitive salaries, stock options, medical, dental, vision, life and disability coverage. An HSA with employer contribution, FSA, paid parental leave, medical travel benefits, a 401k plan, flexible vacation policy, lifestyle spending accounts, and more!
At Lively, we believe having diverse teams in which everyone can be their authentic self is key to our success. We encourage people from underrepresented backgrounds to apply. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. Come join us in our mission to help people optimize their healthcare spending, maximize their savings, and better their livelihood!
Lively Inc. participates in the E-Verify program. Learn more about E-Verify here:
https://e-verify.uscis.gov/web/media/resourcesContents/E-Verify_Participation_Poster_ES.pdf
#LI-Remote
Other Jobs from Lively
Sr. Software Engineer (Front-End) - Portugal
Sr. Software Engineer (Backend) - Portugal
Similar Jobs
Senior Engineering Manager
Front End Tech Lead
Sr. SW Engineer (Java Fullstack, 4-6 years experience)
Fullstack Software Engineer II (Trust & Transparency)
Fullstack Software Engineer II (Trust & Transparency)
There are more than 50,000 engineering jobs:
Subscribe to membership and unlock all jobs
Engineering Jobs
60,000+ jobs from 4,500+ well-funded companies
Updated Daily
New jobs are added every day as companies post them
Refined Search
Use filters like skill, location, etc to narrow results
Become a member
🥳🥳🥳 401 happy customers and counting...
Overall, over 80% of customers chose to renew their subscriptions after the initial sign-up.
To try it out
For active job seekers
For those who are passive looking
Cancel anytime
Frequently Asked Questions
- We prioritize job seekers as our customers, unlike bigger job sites, by charging a small fee to provide them with curated access to the best companies and up-to-date jobs. This focus allows us to deliver a more personalized and effective job search experience.
- We've got about 70,000 jobs from 5,000 vetted companies. No fake or sleazy jobs here!
- We aggregate jobs from 5,000+ companies' career pages, so you can be sure that you're getting the most up-to-date and relevant jobs.
- We're the only job board *for* software engineers, *by* software engineers… in case you needed a reminder! We add thousands of new jobs daily and offer powerful search filters just for you. 🛠️
- Every single hour! We add 2,000-3,000 new jobs daily, so you'll always have fresh opportunities. 🚀
- Typically, job searches take 3-6 months. EchoJobs helps you spend more time applying and less time hunting. 🎯
- Check daily! We're always updating with new jobs. Set up job alerts for even quicker access. 📅
What Fellow Engineers Say