Application Security Engineer

Eon


Date: 1 day ago
City: Lahore
Contract type: Full time
Work with the industry leader

At Eon, our mission is to make patients healthier and healthcare affordable. Eon Patient Management ("EPM") identifies patients with disease risk and streamlines clinical decision analysis so clinicians can work at the top of their licenses. With unique solutions across multiple disease states, we drive unprecedented adherence to care pathways, so that more patients are seen and more survive. When patients win, healthcare systems win - both clinically and financially.

As a market leader in incidental tracking and patient management, Eon is pioneering the use of Artificial Intelligence to enable healthcare enterprises, ranging from small health systems to large, national-scale IDNs. We have a unique and dynamic team that is focused on results, and employment opportunities both local to our Denver office, and remote based.

This really is the perfect role!

The Opportunity

As an Application Security Engineer, you will be improving Eon's application security posture and keeping the platform secure throughout the Software Development Life Cycle (SDLC)! We are looking for someone who loves to analyze, test and triage application vulnerabilities, participate in code and product security reviews, and help our Developers bake security into their day-to-day workflows and CICD. You will partner closely with our Product and Engineering teams, and external testers, so solid interpersonal skills are a must. This role is a great opportunity to advance an application security program and drive remediation of security weaknesses with an enterprise-wide impact!

In This Role You Will

  • Be an advocate for application security within the organization
  • Help develop and maintain a risk-based application security program based on a well-defined application security framework
  • Ensure the platform complies with healthcare-specific security standards such as HIPAA and HITRUST, and follow best practices for handling sensitive patient data.
  • Find common patterns and themes within application vulnerabilities and work with Development teams to address the root causes
  • Participates in the strategic decisions related to the requirements, design, implementation, and operations of application security framework, processes, and technology
  • Execute security-focused code, architecture and integration reviews
  • Coordinate or conduct penetration testing and drive remediation efforts to completion
  • Collaborate with DevOps teams to integrate security testing tools (SAST/DAST) into CI/CD pipelines to enable DevSecOps practices.
  • Keep abreast of the latest security issues and technologies
  • Own and improve process and procedural documentation
  • Assist with daily activities and functions of the Security team (including alert & incident response) to maintain security posture as well as policy and compliance commitments

Skills & Requirements

  • Deep knowledge and familiarity with Cybersecurity Framework, including NIST 800-53, NIST CSF, CIS Top 20, MITRE ATT&CK, and OWASP Top Ten
  • Deep knowledge of crypto, authentication and authorization protocols and standards, including SSL/TLS, SAML, OAuth, JWT Tokens is a must
  • Possess a relentless desire to (ethically) break into things and can communicate the attack scenarios and mitigation options based on standard framework is desired
  • Ability to read and understand Java, JavaScript, and Python
  • Ability to automate repetitive tasks, using Python or other scripting language, is a plus
  • Experience working in regulated industries, with a focus on healthcare security standards (HIPAA, HITRUST) is a plus.

Nice-to-have

  • 2+ years of experience in web application penetration testing or a security-focused application development role is a must
  • AWS Security, CEH, GWEB, GCIH or equivalent certifications are preferred
  • Ability to work in a diverse, fast-paced environment and effectively collaborate across teams
  • Outstanding written and oral communication skills with demonstrated ability to clearly articulate to both a technical and functional audience

“So what’s in it for me,” you ask?

We pride ourselves for being a culture-based company buzzing with high-energy. Aside from the enthusiastic environment, you'll enjoy:

  • Competitive salary
  • Health insurance
  • Referral bonuses
  • Generous vacation time
  • Paid Maternity and Paternity leave
  • Work from home days
  • Lunch facility within office
  • Travel allowance
  • Company equipment (laptop, internet device, screens etc)
  • Professional development and career growth opportunities
  • Awesome team members

If we still have your attention, don't delay, send us your resume!

How to apply

To apply for this job you need to authorize on our website. If you don't have an account yet, please register.

Post a resume

Similar jobs

Expert Relations Analyst

IDR, Lahore
1 day ago
DescriptionAbout IDR:IDR is a tech-enabled platform of over 500,000+ industry leaders across multiple verticals and geographies. We connect consulting firms, life science firms, financial institutions, and corporate clients with vetted subject matter experts to make the right decision.The Role:Analyst, Expert Relations plays a vital role in establishing and maintaining relationships with experts, consultants, and professionals in Expert Network. This position...

Reels/Short Form Videos Specialist

tossdown, Lahore
4 days ago
About Us:tossdown is a SaaS company offering e-commerce and digital marketing solutions tailored to the food industry. We work with food businesses to build e-commerce websites, mobile apps, and deliver impactful digital marketing strategies. Our mission is to help food brands grow by enhancing their online presence and driving sales growth.Responsibilities:Transform raw footage into engaging, story-driven Reels, TikTok, and Shorts...

Sales Development Representative cum BDE B2B

Hazen Technologies Inc, Lahore
4 days ago
Job Location: Gulberg, Lahore, Pakistan (Onsite)Work Conditions: Full-time | 06:00 PM 03:00 AM PKTReporting to: Head of Growth USA.Key Responsibilities of BD / Sales Executive:Role Overview:As a Sales Development Representative (SDR), you will be the first point of contact for potential clients, playing a critical role in driving sales growth by generating and qualifying leads. Focused on the U.S. market,...