Product Security Engineer

Cedar

1d•$157,250 - $198,875•Hybrid

About The Position

The Product Security team at Cedar combines software development with deep application security expertise in order to help build our patient-focused solutions efficiently and safely. As a Product Security Engineer at Cedar, you will work with an inquisitive, diverse, and experienced team on a platform that is rapidly scaling. You’ll help solve problems that matter, affecting tens of millions of patients annually. Our core tenets include using good judgment and having the autonomy to be successful. Your role will be to build secure, supportable secure paths for other engineers to follow and help accelerate Cedar Engineering’s mission. Whether it’s an improvement on single sign on experience, a smoother UI for credential management, or multi-tenant encrypted vault solutions, Cedar Product Security Engineers build the security tools others need to do their work more safely and more efficiently. At Cedar, we don’t require experience with particular languages, but deep familiarity with modern and industry-standard technologies, like Python, Go, and Kotlin are a plus.

Requirements

You’re an application security engineer who prioritizes addressing security challenges with technology, not process
You love building services and tools that help product and platform engineers build, deploy, and maintain products that help hundreds of millions of people
You have experience with security code review, threat modeling or security architecture reviews.
You’re proficient in Python, Go, or Kotlin

Nice To Haves

Familiarity with HIPAA, PCI, and the unique considerations around securing health and payments data
Experience creating developer focused security tooling or libraries
Participation in security capture-the-flag events

Responsibilities

Create and extend services and tools that help product and platform engineers build, deploy, and maintain Cedar products safely and efficiently.
Serve as a Security Partner for multiple engineering teams across the SSDLC, evangelizing security and helping threat model features, bake security into designs, and review code and implementations
Contribute to security automation projects, such as static analysis, vulnerability management, and asset inventory

Benefits

Flexibility to work from home or in the office, depending on what works best for you
Unlimited PTO for vacation, sick and mental health days
16 weeks paid parental leave with health benefits for all parents, plus flexible re-entry schedules for returning to work
Diversity initiatives that encourage Cedarians to bring their whole selves to work, including three employee resource groups: be@cedar (for BIPOC-identifying Cedarians and their allies), Pridecones (for LGBTQIA+ Cedarians and their allies) and Cedar Women+ (for female-identifying Cedarians)
Competitive pay, equity (for qualifying roles) and health benefits that start on your first day
401k plan with 3% employer non-election contribution
Access to hands-on mentorship, employee and management coaching, and a stipend for learning and development resources to help you grow both professionally and personally
Fertility & adoption assistance
Cedar matches 100% of your 401(k) contributions, up to 3% of your annual compensation
A team discretionary budget for learning and development resources