Software Engineer, Security

Healthcare needs good data. At PicnicHealth, we are building deep real-world datasets to fuel cutting-edge research, while giving patients control of their own medical record data. These complete, clinically-rich datasets produce unique insights across dozens of diseases to ultimately get the right treatments into patients’ hands faster. We do this by working directly with patients and leveraging state of the art machine learning to transform messy medical records into structured, research-ready datasets. To date we’ve helped tens of thousands of patients securely access their records and proactively contribute to advancing research in diseases that impacts their lives.  

We’re excited to announce $60 million in funding in a Series C led by B Capital Group. Our existing investors Felicis Ventures and Amplify Partners also joined the round, bringing the total we have raised to more than $100 million.

And we are just getting started! If you are looking to join an award winning, mission-driven, motivated team that is making a real impact across millions of people’s lives, PicnicHealth might just be the place for you. 

The Opportunity

We build a number of applications that allow us to communicate with patients, retrieve and label medical records, and generate high-quality datasets tailored for our research partners. The data we work with captures some of the most important, sensitive information about our patients, making application security critical. We are HITRUST certified for HIPAA compliance, which requires us to implement and maintain a number of security policies and controls. The goal of security engineering within our infrastructure team is to make sure our cloud operations and the code we put into production are bullet proof, and to up-level our engineers so that they are designing and building with a security-focused mindset.

This is a small and growing team with a huge opportunity for impact across the entire organization. As a team member, you will work across engineering to help the company safely scale. Your contributions will focus on ensuring we implement the best security practices across teams composed of fullstack, data, and  ML engineers. Our tech stack today includes: GCP, Kubernetes, Istio, Helm, Terraform, PostgreSQL, Redis, ElasticSearch, BigQuery, Prometheus, Grafana, Stackdriver, Node.js, Python, React, Hasura GraphQL, PyTorch, Tensorflow, GitHub Enterprise Server, Jenkins.

As a Security focused Software Engineer, your responsibilities will include:

• Working with engineers to implement security best practices, both by identifying better patterns and pairing with engineers to implement them
• Reviewing pull requests that touch technologies across our tech stack for implementation security
• Rolling out policies that improve security best practices while accounting for developer experience
• Reviewing GCP Security Command Center and HackerOne, and addressing findings
• Interfacing with pen testers to guide their efforts and address their findings
• Keeping our application dependencies and self-hosted applications up-to-date
• Supporting existing compliance efforts while helping developers maintain a culture that aggressively upholds the highest security standards for patient data
  

You are a great fit if you:

• Have 3+ years of full-time software engineering work experience with an interest in web security
• You want to lead and improve our security posture
• Are familiar with or motivated to quickly learn our tech stack and good security practices
• Are driven to work on high impact (ROI) projects and thrive in a fast-paced environment
• Enjoy working with other engineers to improve their approach to design and implementation
• Have experience with GCP and Kubernetes

We expect all team members to be motivated to be amazing in their roles and, ultimately, to move the PicnicHealth mission forward.

Perks & Benefits @PicnicHealth  

At PicnicHealth you get to solve real problems with real solutions, great tech, and great people. 

We offer a hybrid set up for our team: team members in the Bay Area can work from the SF office on a flexible schedule; remote team members are expected to travel to in-person gatherings up to 4 times a year. Our next Company Wide Onsite will be in February 2023.

You also get:

• Competitive salary 
• Comprehensive benefits including above market Health, Dental, Vision
• Family friendly environment 
• Flexible time off
• 401k plan
• Free PicnicHealth account
• Equipment and internet funds for home office set up  

COVID-19 Policy

We require proof of up-to-date vaccination for COVID-19, except those with medical or religious exemptions. 

Equal Opportunity Statement

PicnicHealth is committed to promoting an inclusive work environment free of discrimination and harassment. We value a diverse and balanced team where everyone can belong.