Senior Application Security Engineer (100% remote-friendly within Spain)
Barcelona, CT, Spain
Docplanner
Find the best physicians, search by location and specialty. Book your doctor appointment online on Doctoralia. Ask an expert.Company Description
Welcome to the good side of tech đ
You might have heard about us, but with a different name:Â Doctoralia. It all started 12 years ago when we asked ourselves: is anyone in healthcare thinking about patients? We jumped in and we empowered patients by giving them access to leave and read reviews about their visit. We then provided doctors with the technology to manage bookings easily and save time, so they could devote themselves to what they always wanted: treating patients. And today is the day in which we ask you: wanna join us in the next step of making the healthcare experience more human?
Docplanner at scale
We are leaders in 13 countries so far, and more than 90 million patients trust us every month. 300k+ specialists believe in us and our product, and so do leading venture capital funds such as Point Nine Capital, Goldman Sachs Asset Management and One Peak Partners. And yet, employing over 2.500 people all over the globe, we managed to keep the startup-mindset we started with over 10 years ago.
How does Docplanner Tech fit here?
At Docplanner Tech we are a diverse group of over 400 people working in Engineering, Data, and Product teams. We are responsible for building the product for all locations. Many of us have been here for over 5 years, yet we still welcome each new person with great joy and excitement.
We could tell you about us, but we will let our reviews on Glassdoor speak for themselves. In case youâd like to see how it feels to be 100% yourself at work, hereâs a video of us.Â
And why should you join us?
Because it feels good to tell your family and your friends how you made the world a little bit better. You go to bed knowing that what you do matters, and that your talents align with your beliefs.
We want to make the healthcare experience more human, and that starts with you being you. We believe that taking the diversity of human experience into account makes a better healthcare experience for all . Weâre not just different: we embrace diversity. We will encourage you to come to work your whole self, and that includes not coming to the office at all if you prefer not to, as we're 100% remote friendly.
Job Description
As an Application Security Engineer, you will have a crucial role in safeguarding our software products and contributing to our organization's success. You'll collaborate with development teams, share your expertise, and design robust security frameworks. With autonomy to set goals and work with cutting-edge technologies, join us in creating a secure environment and driving our organization forward.
Your mission is to ensure the security and integrity of our software products. You will collaborate with development teams to identify and mitigate vulnerabilities while providing guidance on the best security practices. Together, we can make a difference in software security and join us in this inspiring mission to make the healthcare experience more human.
Key ObjectivesÂ
Collaborating with our development teams to build a secure SDLC that integrates security at every stage of the software development process.
Researching and configuring security tooling to provide comprehensive security coverage.
Defining security guidelines for our applications to ensure that every product we release is protected against any potential attacks.
Consulting on new products, which may include pen-testing, threat modeling, or designing secure solutions, to ensure that they meet our high standards of security.
Developing a vulnerability management system that identifies and mitigates potential threats before they reach production.
Helping developers to understand security concepts and practices to foster a culture of security within our organization.
Â
Qualifications
Relevant professional experience
Strong knowledge of application security, secure coding practices, and common risks and vulnerabilities.
Experience working as a partner with Product and Development teams
Being able to automate routine tasks, enhance existing solution (preferably, knowledge of Python)
Experience working with cloud native and containerized environments (AWS/Azure, Docker, Kubernetes), knowledge of common security practices and testing approaches
Strong hands-on skills with testing and securing server-side and client-side apps
Experience working with common security certifications and supporting the GRC team. Experience with ISO 2700X, NIST, C5, SOC2, PSI-DSS is a plus.
SDE background is a plus
Testing and securing AI-based projects (LLM, RAG, diffusion models, fine-tuning pipelines, prompt injection, model extraction, data poisoning) is a plus
Experience with .NET, PHP, and Javascript environments is a plus
Communication excellence
Good communication skills and experience in working with distributed product and development teams, to identify and implement improvements to processes and procedures.
Experience working in a fast scaling digital company
You understand the environment of a global organization scaling at pace
Mindset of building for scale with a data-driven approach
Strong Project Management Skills
Ability to set up goals and priorities for yourself and your peers, to plan and organize work using project management tools like Jira.
Additional Information
Letâs talk money
A salary adequate to your experience and skills.Â
Flexible remuneration and benefits system via Flexoh, which includes: restaurant card, transportation card, kindergarten, and training tax savings.Â
Share options plan after 6 months of working with us.
Â
True flexibility and work-life balance
Remote or hybrid work model with our hub in Barcelona.
Flexible working hours (fully flexible, as in most cases you only have to be on a couple of meetings weekly).
Summer intensive schedule during July and August (work 7 hours, finish earlier).
23 paid holidays, with exchangeable local bank holidays.Â
Additional paid holiday on your birthday or work anniversary (you choose what you want to celebrate).
Â
Health comes firstÂ
Private healthcare plan with Adeslas for you and subsidized for your family (medical and dental).
Access to hundreds of gyms for a symbolic fee in partnership for you and your family with Andjoy.
Access to iFeel, a technological platform for mental wellness offering online psychological support and counseling.Â
Â
Keep growing with us
Free English and Spanish classes.
Â
We promote and embrace equal opportunities in our hiring process, and also every day at work. When you apply for our roles you receive equal treatment regardless of age, disabilities, gender reassignment, marital or civil partner status, pregnancy or parental status, race, colour, nationality, ethnic or national origin, religion or belief, sex, sexual orientation or any other dimension of human difference. If you require additional support in your recruitment process, we kindly encourage you to let us know. Behind those words youâre reading, thereâs a person (hi!) who already helped a candidate by adapting the interviews, and now weâre lucky to have this person with us. So, even if youâve never asked for it before, may this serve as a sign that, now, you can do so. We can only truly be equal if we adapt to each other.
âWe believe all humans, in all their beautiful diversity, should have equal rights, dignity and respect. Period.â Mariusz Gralewski, CEO
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index đ°
Tags: Application security AWS Azure Cloud Docker JavaScript Jira Kubernetes LLMs NIST PHP Python SDLC SOC 2 Vulnerabilities Vulnerability management
Perks/benefits: Career development Equity / stock options Flex hours Health care Medical leave Parental leave Startup environment Wellness
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.