Position Summary

The Senior Security Software Engineer will design, develop, and implement secure software development practices, conduct security assessments, and collaborate with various teams to ensure robust security integration throughout our development processes.

Key Relationships

• Collaborate with development, operations, activation, and security teams.
• Mentor junior engineers and provide training.

Key Accountabilities

Secure Software Development

• Design, develop, and implement secure software development practices and processes.
• Create and maintain security documentation and guidelines for development teams.

Security Assessments

• Conduct security assessments, code reviews, and penetration testing to identify vulnerabilities and risks in software systems.
• Analyze and triage security vulnerabilities, providing actionable recommendations for remediation.

Security Controls

• Develop and implement security controls, defenses, and countermeasures to prevent and mitigate security threats.
• Ensure compliance with security policies, standards, and regulations.

Collaboration

• Collaborate with development, operations, and security teams to integrate security into the software development lifecycle (SDLC).
• Participate in architecture and design reviews to ensure security best practices are followed.

Continuous Improvement

• Stay up-to-date with the latest security trends, threats, and technologies.
• Continuously improve the security posture of the organization by identifying and addressing security gaps.

Guidance and Training

• Provide guidance and training to other team members on secure coding practices and security awareness.
• Mentor junior engineers and promote a security-first mindset across the organization.

Knowledge, Skills, and Abilities

• Proficiency in programming languages such as Scala, Java, or C++.
• Scripting experience in Bash and Shell.
• In-depth knowledge of secure coding practices, cryptography, and security protocols.
• Familiarity with security tools and frameworks such as OWASP, SAST, DAST, and threat modeling.
• Excellent problem-solving skills and the ability to work under pressure.
• Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams.
• High attention to detail and a proactive approach to identifying and addressing security issues.

Required Education and Experience

• University Degree in Computer Science, Computer Engineering, or similar degree. A combination of applicable experience and certifications may be considered in lieu of a degree.
• Proven experience as a software engineer with a strong focus on security.
• Extensive experience in conducting security assessments, code reviews, and penetration testing.
• Demonstrated success in developing and implementing security controls and countermeasures.
• Experience with cloud security, container security, and microservices architectures.
• Knowledge of regulatory requirements and industry standards such as GDPR, HIPAA, and ISO 27001.
• Security certifications such as CISSP, CEH, or OSCP.

Location

• Vancouver, BC area preferred.

Salary

• $150,000 - $165,000 CAD.

Core Competencies

One Team

• Act as one team with fellow MacroMates and customers.
• Value humility, low ego, and collaboration.
• Maintain an All for One, One for All attitude.

Deliver on Promises

• Do the right thing.
• Do what you say you will do.
• Work with a sense of urgency and transparency.

Macro Thinking

• Challenge yourself and others to think boldly, bigger, and into the future.
• Lead with a Growth Mindset.
• Act as a thought leader for the healthcare industry.

MacroHealth is an equal opportunity employer.