Senior Application Security Engineer
About The Position
Passionate about precision medicine and advancing the healthcare industry? Recent advancements in underlying technology have finally made it possible for AI to impact clinical care in a meaningful way. Tempus' proprietary platform connects an entire ecosystem of real-world evidence to deliver real-time, actionable insights to physicians, providing critical information about the right treatments for the right patients, at the right time. Senior Application Security Engineer Tempus is seeking a Senior Application Security Engineer with deep expertise in penetration testing to join our Application Security team. In this role, you will lead efforts to identify and remediate vulnerabilities in our web, mobile, and medical device applications, helping to safeguard sensitive healthcare data and support our mission to improve patient outcomes.
Requirements
- 5+ years of proven experience in penetration testing, with a strong preference for experience in healthcare or other highly regulated environments.
- Strong understanding of security principles, techniques, and technologies.
- Experience with a variety of security tools and products (e.g., Burp Suite, Snyk, Metasploit, Nmap).
- Familiarity with programming/scripting languages such as Python, JavaScript/TypeScript, or others.
- Experience with cloud security (AWS, Azure, GCP) and secure SDLC practices.
- Excellent problem-solving, analytical, communication, and interpersonal skills.
Nice To Haves
- Relevant certifications such as OSCP, GPEN, OSCE, GWAPT, CSSLP, or similar are highly desirable.
- Experience mentoring and training others in security best practices.
Responsibilities
- Conduct penetration tests on web, mobile, and software medical device applications, as well as internal systems.
- Lead threat modeling and risk assessment activities for new and existing products.
- Develop and execute test plans, scenarios, scripts, or procedures.
- Document findings, prepare detailed reports, and work with development teams to remediate identified issues.
- Track and manage vulnerabilities through their lifecycle.
- Develop and maintain custom security testing tools and automation scripts.
- Stay up-to-date with the latest testing and ethical hacking methods, tools, and industry trends.
- Assist in the development and maintenance of application security policies, standards, and guidelines.
- Work with security and IT teams to enhance the overall security posture of the organization.
- Provide security training and awareness to development teams.
- Participate in the design and review of new technologies and major changes to existing technologies from a security perspective.
- Ensure compliance with healthcare and data privacy regulations (e.g., HIPAA, GDPR).
- Evaluate third-party applications and vendors for security risks.
- Mentor junior team members and contribute to a culture of security.
Benefits
- Tempus offers a full range of benefits, which may include incentive compensation, restricted stock units, medical and other benefits depending on the position.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
No Education Listed
Number of Employees
1,001-5,000 employees
