Full-Time
Infrastructure Security Engineer
Posted on 3/27/2023
Digital platform for medical professionals collaboration and patient care
Compensation Overview
$135,000 - $190,000
Senior
San Francisco, CA, USA + 1 more
- A “Hacker Mindset”
- Minimum of 5 years of Linux/UNIX systems engineer & administrator experience
- Minimum of 2 years of relevant web application or infrastructure security experience. It does not need to be a security-specific position. The most important thing is passion/desire for security
- Extensive AWS experience
- Automation experience with configuration and resource management tools such as Terraform (preferred), Ansible, Chef, Puppet, or Cloudformation
- Proficient in bash shell scripting and one of Ruby, Python, or Golang
- Experience with CI and CD using tools such as Github Actions, Atlantis, Jenkins, circleci, rspec, serverspec, inspec, test kitchen, etc
- Ability to work in a proactive manner
- Intermediate to advanced experience administering and securing an RDB
- Experience with Kubernetes (or other schedulers), Grafana, Prometheus
- Help maintain our private security bug bounty program hosted onhackerone: this involves engaging security researchers, validating security finds, determining impact/risk, awarding bounties, and fixing or coordinating remediation efforts
- Develop, schedule, and execute automated security audits on infrastructure using industry standard security frameworks and tooling
- Help set good security posture; this includes: finding bad security habits and encapsulating good secure defaults into libraries/modules with tools such as ansible, chef, terraform, helm charts, ArgoCD, kubernetes, etc that other teams will leverage
- Write and perform penetration tests for applications and infrastructure
- Active participation in design, implementation, and maintenance of the development, staging, and production infrastructure and application security
- Work on automating tasks using tools such as Terraform, Ansible, Chef (legacy), kubernetes, etc
- Analyze HTTP traffic to create and update WAF rules to reduce the effectiveness of malicious bots, scrappers, and attackers
- Lead security/policy related audits such as SOC2 Type II
- Works with key stakeholders to document existing security policies and create new ones
- Remediate and write post-mortem reports on security-related issues
- Work with developers to deploy applications ready for production in a secure manner
- Perform Threat Hunting on a regular basis
- Create security observability using a variety of tools such as SIEM, CSPM, IDS, etc
- Hands-on maintenance on our Ruby on Rails and Go (Golang) applications
- Troubleshoot issues across the whole stack: hardware, software, and network
- Periodically audit and rotate access credentials
- Work with IT as an escalation point on behalf of sales and client services teams to answer application or infrastructure-related security questions and concerns that clients inquire about
- You'll be asked to maintain a minimum of 5 hours overlap with 9:30 to 5:30 PM Pacific time
- Participate in a 1-week on and 5 weeks off, 24/7 on-call rotation
- Travel to company offsites once/quarter is expected
- Experience writing application and/or security penetration tests with an open source framework
Doximity, a leading digital platform for medical professionals, offers a unique blend of technology and healthcare, providing tools that enable efficient collaboration, career management, and virtual patient visits. With over 80% of U.S. physicians as members, the company has a significant competitive advantage in terms of network size and reach. The platform's practicality is demonstrated by its ability to streamline processes, such as the quick transfer of patient information, saving valuable time in critical situations.
Company Stage
IPO
Total Funding
$181.8M
Headquarters
San Francisco, California
Founded
2010