Job description
The Role
U.S. healthcare is frustrating and deeply flawed. Cedar’s mission is to drive better outcomes for everyone involved, including providers, insurance companies and the people they serve. At a time when consumer-friendly healthcare experiences are more critical than ever, our platform is uniquely equipped to solve problems that lead to billing issues and administrative waste.
The Product Security team at Cedar combines deep application security expertise with software development in order to help build our patient-focused solutions efficiently and safely. As a Product Security Engineer at Cedar, you will work with an inquisitive, diverse, and experienced team on a platform that is rapidly scaling. You’ll help solve problems that matter, affecting tens of millions of patients annually.
Our core tenets include using good judgment and having the autonomy to be successful. Your role will be to assess risk across the company and make decisions about the risk we should prioritize. On an average day you might participate in a security-focused design review, write code to create new security tooling, or create educational materials to improve security awareness across the company. At Cedar, we don’t require experience with particular languages, but deep familiarity with modern and industry-standard technologies in our tech stack is always a plus.
Cedar is committed to a flexible work environment, so this as well as many of our roles are U.S. remote-friendly.
About You
- You’re an application security engineer who prioritizes addressing security challenges with technology, not process
- You have a demonstrated history of enabling software developers with usable tools and actionable security guidance
- You’re comfortable communicating security risks and controls to technical and non-technical partners
- You have deep experience with security code review, threat modeling or security architecture reviews, developing high-signal low-noise security automation
- You have a working proficiency with a general-purpose programming language (ideally Python)
Bonus Points if you have
- Familiarity with HIPAA, PCI, and the unique considerations around securing health and payments data
Responsibilities
- Serve as the designated Security Partner for multiple engineering teams across the SSDLC, evangelizing security and helping threat model projects, bake security into designs, and review code and implementations
- Contribute to security automation projects, such as static analysis, vulnerability management, and asset inventory
- Develop security primitives that provide guardrails for our engineers
Applicants must be currently authorized to work in the United States on a full-time basis.
Compensation Range and Benefits
- Salary Rate Range*: $157,250 - $185,000
- This role is equity eligible
- This role offers a competitive benefits and wellness package
- Subject to location, experience, and education
#LI-Remote
What do we offer to the ideal candidate?
- A chance to improve the U.S. healthcare system at a high-growth company! Our leading healthcare financial platform is scaling rapidly, helping millions of patients per year
- Unless stated otherwise, most roles have flexibility to work from home or in the office, depending on what works best for you
- Unlimited PTO for vacation, sick and mental health days–we encourage everyone to take at least 20 days of vacation per year to ensure dedicated time to spend with loved ones, explore, rest and recharge
- 16 weeks paid parental leave with health benefits for all parents, plus flexible re-entry schedules for returning to work
- Diversity initiatives that encourage Cedarians to bring their whole selves to work, including three employee resource groups: be@cedar (for BIPOC-identifying Cedarians and their allies), Pridecones (for LGBTQIA+ Cedarians and their allies) and Cedar Women+ (for female-identifying Cedarians)
- Competitive pay, equity (for qualifying roles) and health benefits that start on the first of the month following your start date (or on your start date if your start date coincides with the first of the month)
- 401k plan with 3% employer non-election contribution
- Access to hands-on mentorship, employee and management coaching, and a stipend for learning and development resources to help you grow both professionally and personally
About us
Cedar was co-founded by Florian Otto and Arel Lidow in 2016 after a negative medical billing experience inspired them to help improve our healthcare system. With a commitment to solving billing and patient experience issues, Cedar has become a leading healthcare technology company fueled by remarkable growth. Over the past several years, we’ve raised more than $350 million in funding from investors such as Andreessen Horowitz and Tiger Global, bringing Cedar’s valuation to $3.2 billion.
Today, Cedar helps over 15 million patients annually—and partners with more than 50 leading healthcare providers, including Yale New Haven Health, Summit Health, Novant Health, Allina Health, Providence, ChristianaCare, Blue Cross Blue Shield of Arizona, CommonSpirit Health and Blue Cross Blue Shield of Massachusetts.
jjbodyshop.com is the go-to platform for job seekers looking for the best job postings from around the web. With a focus on quality, the platform guarantees that all job postings are from reliable sources and are up-to-date. It also offers a variety of tools to help users find the perfect job for them, such as searching by location and filtering by industry. Furthermore, jjbodyshop.com provides helpful resources like resume tips and career advice to give job seekers an edge in their search. With its commitment to quality and user-friendliness, jjbodyshop.com is the ideal place to find your next job.