Application Security Engineer

Welcome to the era of Velsera! Seven Bridges, Pierian & UgenTec have combined to become Velsera.

Velsera is the precision engine company. We empower researchers, scientists, and clinicians to drive precision R&D, expand access to, and more effectively leverage analytics at the point of care. 

We unify technology-enabled solutions and scientific expertise to enable a continuous flow of knowledge across the global healthcare ecosystem. This interweaves diverse biomedical communities, allowing them to build upon each other’s success and accelerate medical breakthroughs that positively impact human health.

With our headquarters in Boston, MA, we are growing and expanding our team which located in 14 different countries!

Location: Pune, India Remote.

As an Application Security Engineer, you will report to the Director, Information Security. In this role you will identify vulnerabilities, understand exploitability risk, conduct penetration testing exercise, evaluate cloud architecture security, and promote application security across Engineering. The role requires the ability to communicate with the Engineering teams to prioritize and resolve security findings. As a member of the Information Security team, you will also be involved in other security engineering and incident response areas including but not limited to scripting, security tooling development and configuration, incident forensics, etc.

What will you do?

• Conduct application security testing for our products.
• Perform Cloud, full stack and network security testing to identify vulnerabilities.
• Design penetration testing scoping documentation for a third-party penetration testing vendor.
• Collaborate with Velsera Engineering, Architecture, and DevOps Teams to develop vulnerability fixes, prioritization and mitigations.
• Verify/validate security fixes.
• Track, review, and evaluate new vulnerabilities across the technology stack.
• Design, optimize and improve penetration tools and tests.
• Keep up to date with latest testing and ethical hacking methods.
• Optimize existing security controls and processes.
• Train and educate Software Engineers and Architects on the latest threats and vulnerabilities.

What do you bring to the table?

• 3-5 years' experience in Penetration Testing or Application Security related positions
• Deep knowledge of testing and exploitability of web application vulnerabilities - e.g. RCE , XSS, IDOR, CSRF etc (OWASP Top 10)
• Strong understanding of threat intelligence and indicators of compromise (IOC’s)
• Hands-on experience with:
• Kali Linux, Burp Suite or similar tools Command line interface of multiple operating systems – Linux, macOS, Windows, etc.
• Malware analysis & Forensics,
• Container Security, Linux, Docker scripting languages to include the following – python, shell, ruby, perl,
• Experience with SAST and/or DAST solutions is a plus.

People first. We create collaborative and supportive environments by operating with respect and flexibility to promote mental, emotional and physical health. We practice empathy by treating others the way they want to be treated and assuming positive intent. We are proud of our inclusive diverse team and humble ourselves to learn about and build our connection with each other.

Patient focused. We act with swift determination without sacrificing our expectations of quality. We are driven by providing exceptional solutions for our customers to positively impact patient lives. Considering what is at stake, we challenge ourselves to develop the best solution, not just the easy one. 

Integrity. We hold ourselves accountable and strive for transparent communication to build trust amongst ourselves and our customers. We take ownership of our results as we know what we do matters and collectively we will change the healthcare industry. We are thoughtful and intentional with every customer interaction understanding the overall impact on human health. 

Curious. We ask questions and actively listen in order to learn and continuously improve. We embrace change and the opportunities it presents to make each other better. We strive to be on the cutting edge of science and technology innovation by encouraging creativity. 

Impactful. We take our social responsibility with the seriousness it deserves and hold ourselves to a high standard. We improve our sustainability by encouraging discussion and taking action as it relates to our natural, social and economic resource footprint. We are devoted to our humanitarian mission and look for new ways to make the world a better place. 

Velsera is an Equal Opportunity Employer:
Velsera is proud to be an equal opportunity employer committed to providing employment opportunity regardless of sex, race, creed, colour, gender, religion, marital status, domestic partner status, age, national origin or ancestry.