Clover is reinventing health insurance by working to keep people healthier.
We value diversity — in backgrounds and in experiences. Healthcare is a universal concern, and we need people from all backgrounds and swaths of life to help build the future of healthcare. Clover's security team enhances the values of the organization by supporting the company's goals and objectives while fiercely defending our members' information. We are committed and deliberate about protecting the integrity and availability of Clover's overall operation. We are looking for empathetic security professionals to help build up Clover's security and ensure all functions operate securely. This includes ensuring service availability, systems/data integrity, member privacy, and building trust in the Clover brand.
We are looking for a Senior Application Security Engineer to join our team. In this role you will assist with building applications and services to support our medical team with opportunities to touch a wide range of technologies. You will partner with the rest of the engineering team to protect member data and exceed industry compliance standards by establishing secure coding standards, tooling, and best practices for our systems as well as architecting and building secure services for members. We value moving fast, but we do so with a pragmatic approach that will allow us to sustain velocity over time.
As Senior Application Security Engineer you will:
- Help mature our application security program by developing the tooling needed to allow us to move fast without introducing additional risk.
- Perform source code review of existing and new deployments.
- Develop our secure coding standards and be the primary SME and point of contact for application security inquiries across the organization.
- Develop Security Awareness materials geared toward engineers.
- Be part of our coordinated incident response program and primary point of contact for triage of security bug reports.
- Help Clover build a respected reputation in the Healthcare and Security industries.
You will love this job if:
- You are a partner, you enjoy working with engineering teams to ensure that code is deployed in a safe secure manner across all of Clover’s assets.
- You enjoy working in a fluid, collaborative environment, defining and owning priorities that adapt to our larger goals. You can bring clarity to ambiguity while remaining open-minded to new information that might change your mind.
- You are passionate about security being a driver to success.
You should get in touch if:
- You have deep knowledge and understanding of the inner workings across full web services stack and the multitude of authentication and authorization methods.
- You have proven experience identifying and remediating application security vulnerabilities.
- You are seasoned in security integration into CI/CD pipelines across multiple tenants.
- You have experience in Cloud PaaS security across AWS/GCP/Azure and with cloud orchestration platforms (kubernetes).
- You have a strong understanding of mobile security as it relates to iOS/Android.
Bonus Points for:
- Experience building HIPAA/HITECH applications.
Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. We are an E-Verify company.