Application Security Engineer

Who is Eleos Health?

Today, more people than ever are speaking publicly about their mental health. Whether it's ourselves, our friends and family or even public figures, taking care of your behavioral health is no longer a taboo, it's vital, and it's only human. Eleos is on a mission to help deliver the world's most effective behavioral care through data, measurement, and personalization. Or simply put, 

We want to give clinicians the support they need to do the important work only they can do.

What is this opportunity?

As the Application Security Engineer, you will be responsible for integrating and maintaining robust security practices throughout the entire application development lifecycle. You will work closely with cross-functional teams including Software Engineering, DevOps and Product.

This role requires a security-minded professional who has deep experience in cloud-based architectures and is excited about building secure and scalable solutions.

How will you contribute?

•  Secure Software Development Lifecycle (SSDLC)- Collaborate with developers to integrate security best practices into all stages of the SDLC. Conduct secure code reviews, threat modeling, and vulnerability assessments.
• Application Security Testing- Implement and manage SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) tools. Continuously monitor, track, and resolve identified vulnerabilities.
• Cloud Security & Infrastructure- Work with DevOps/Infrastructure teams to secure cloud environments, including containerized workloads, CI/CD pipelines, and serverless functions. Configure and maintain cloud security best practices.
• Security Architecture & Design- Collaborate on the design of new applications and features, advising on secure architecture patterns, encryption mechanisms, and identity & access management. Develop and maintain security reference architectures and technical standards.
• Automation & Continuous Improvement- Identify opportunities to automate security checks and policy enforcement within the CI/CD pipeline. Research and recommend new security tools, technologies, and processes to enhance the security posture of the organization

Requirements

• 5 years of experience as an Application Security Engineer in a SAAS company
• Oral and written communication skills for writing comprehensive reports
• Ability to work in a team
• Decision-making capability for adopting new countermeasures for unknown attacks
• Analytical skills to foresee which application vulnerability can become a major threat
• Willingness to evolve

Benefits

This is a unique opportunity to join a startup that is having a meaningful impact on the well-being and mental health of thousands. We have

• A product that positively impacts peoples' lives every single day.
• A team of amazing people with a shared vision and the infinite drive to make it happen
• We offer significant equity.
• Opportunity to build, grow and become highly instrumental in shaping how technology can increase the effectiveness of therapy.
• Hybrid work opportunities. 
• Mental health days off you can take any given moment simply because you need them.