Sr. Security Analyst – Cloud Security & Application Security

3 Weeks ago • 5 Years + • Cyber Security

About the job

Job Description

Blink Health seeks a Sr. Security Analyst to design and implement a Threat and Vulnerability Management program for AWS cloud and applications. Responsibilities include threat modeling, security architecture reviews, managing security tools (SAST, SCA, DAST, API security, data security, SIEM), conducting penetration tests, responding to security incidents, monitoring identity security, and preparing status reports. The ideal candidate possesses 5+ years of experience in information security, AWS cloud security, OWASP Top 10, API security, and data security. Experience with various security tools and compliance frameworks (HIPAA, PCI) is essential. The role also involves developing security content and assisting with audits and assessments.
Must have:
  • 5+ years InfoSec experience
  • AWS Cloud Security expertise
  • OWASP Top 10, API & Data Security knowledge
  • SAST, SCA, DAST experience
  • SIEM, incident response skills
Good to have:
  • CISSP or equivalent
  • AWS Security certification
  • Experience with WAF, IAM, DLP
  • Familiarity with GitHub, Kubernetes
  • HIPAA, PCI compliance knowledge

Company Overview:

Blink Health is the fastest growing healthcare technology company that builds products to make prescriptions accessible and affordable to everybody.  Our two primary products – BlinkRx and Quick Save – remove traditional roadblocks within the current prescription supply chain, resulting in better access to critical medications and improved health outcomes for patients. 

BlinkRx is the world’s first pharma-to-patient cloud that offers a digital concierge service for patients who are prescribed branded medications. Patients benefit from transparent low prices, free home delivery, and world-class support on this first-of-its-kind centralized platform. With BlinkRx, never again will a patient show up at the pharmacy only to discover that they can’t afford their medication, their doctor needs to fill out a form for them, or the pharmacy doesn’t have the medication in stock. 

We are a highly collaborative team of builders and operators who invent new ways of working in an industry that historically has resisted innovation. Join us!

Responsibilities

  • Design and implement Threat and Vulnerability Management program for AWS cloud and Engineering applications.
  • Ensure alignment with the Security Pillar of AWS Well Architected Framework.
  • Facilitate and review Threat modeling with Applications teams.
  • Conduct Security architecture review of key application enhancements.
  • Manage the operations of cloud security tools, triage and prioritize findings, work with stakeholders to fix defects.
  • Manage the operations of source code scanning security tools (SAST), 3rd party modules scanning security tools (SCA), runtime application scanning security tools (DAST). Triage and prioritize findings, work with stakeholders to fix defects.
  • Manage the operations of API security tools. Triage and prioritize findings, work with stakeholders to fix defects.
  • Manage the operations of Data Security tools. Monitor, Identify, triage, and prioritize findings. Work with stakeholders to fix defects.
  • Manage the operations of SIEM, ensure security logs are being sent to the SIEM, configure and find fund thresholds and alerts.
  • Perform internal application pen tests. Identify, triage, and prioritize findings. Work with stakeholders to fix defects.
  • Monitor alerts and respond to security incidents according to incident response plan.
  • Monitor identity security including Periodic review of access logs, anomaly access and account review, excessive and outlier permissions, inactive accounts with high privileges.
  • Prepare relevant metrics and status reports related to Cloud Security and Engineering Application Security
  • Develop and maintain content for Cloud Security and Engineering Applications for Infosec CoE (Center of Excellence) and Product Security Baselines.
  • Assists in the review and update of cyber security policies, architectures and standards.
  • Assists in responding to audits, penetration tests and vulnerability assessments.

Requirements

  • Bachelor’s degree in computer science, cybersecurity or a related field
  • 5+ years of experience in Information Security 
  • Certifications (CISSP) or equivalent is a plus. AWS Security certification is a plus.
  • Experience in AWS Cloud Security
  • Experience in OWASP Top Ten, API Security, Data Security, SAST, SCA, DAST
  • Experience in WAF, IAM, DLP
  • Experience in XDR, SIEM, SOC
  • Familiarity with GitHub, Kubernetes
  • Familiarity with Networking, VPN, Firewall
  • Familiarity with Compliance Frameworks & Controls (HIPAA, PCI)

Why Join Us:

It is rare to have a company that both deeply impacts its customers and is able to provide its services across a massive population.  At Blink, we have a huge impact on people when they are most vulnerable: at the intersection of their healthcare and finances. We are also the fastest growing healthcare company in the country and are driving that impact across millions of new patients every year.  Our business model not only helps people, but drives economics that allow us to build a generational company. We are a relentlessly learning, constantly curious, and aggressively collaborative cross-functional team dedicated to inventing new ways to improve the lives of our customers.

We are an equal opportunity employer and value diversity of all kinds. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

View Full Job Description

Add your resume

80%

Upload your resume, increase your shortlisting chances by 80%

About The Company

Pittsburgh, Pennsylvania, United States (On-Site)

India (On-Site)

New York, New York, United States (Remote)

India (On-Site)

Boise, Idaho, United States (On-Site)

St. Louis, Missouri, United States (On-Site)

Pittsburgh, Pennsylvania, United States (On-Site)

St. Louis, Missouri, United States (On-Site)

Boise, Idaho, United States (On-Site)

View All Jobs

Get notified when new jobs are added by Blinkhealth

Similar Jobs

GrowthX® - Tech Lead

GrowthX®, India (On-Site)

Ello - Design Engineer (Mobile)

Ello, United States (On-Site)

Luxoft - MSSQL Database SME

Luxoft, United States (Remote)

Truecaller - Staff Android Engineer & Team Lead

Truecaller, Sweden (On-Site)

PwC - Financial Services Audit Associate

PwC, Philippines (On-Site)

PwC - Senior Associate IT Auditor

PwC, Croatia (On-Site)

ION - Senior Security Architect

ION, Italy (On-Site)

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

Next Level Business Services - Sr. UI Engineer

Next Level Business Services, United States (On-Site)

GamePoint - Senior Unity Developer

GamePoint, Netherlands (On-Site)

Meta - Software Engineer, Systems

Meta, United States (On-Site)

Virtuos - Senior Software Engineer (Metal API)

Virtuos, United States (On-Site)

Applike Group - Tech Lead (f/m/d) 🚀

Applike Group, Germany (Hybrid)

Dream Game Studios - Director System IT

Dream Game Studios, India (On-Site)

Get notifed when new similar jobs are uploaded

Jobs in India

Luxoft - Regular BSP Developer

Luxoft, India (Hybrid)

Nutrabay - Motion Graphic Designer - 3D

Nutrabay, India (On-Site)

Lufkin Gears - Software QA - Analyst

Lufkin Gears, India (On-Site)

Aera Technology - Senior Software Engineer (Backend Java)

Aera Technology, India (On-Site)

Axinous - Education Operations Specialist

Axinous, India (Hybrid)

R1 RCM - Analyst

R1 RCM, India (On-Site)

Actian - C Engineer - Bangalore/Pune

Actian, India (On-Site)

Get notifed when new similar jobs are uploaded

Cyber Security Jobs

ION - Senior Security Architect

ION, United Kingdom (On-Site)

Palo Alto Networks - Solutions Consultant

Palo Alto Networks, Greece (Remote)

Barco - System Engineer - IT SecOps

Barco, India (Hybrid)

Aurigo Software Technologies - Security Engineer

Aurigo Software Technologies, India (Hybrid)

Anthology  Inc  - Security Risk Analyst

Anthology Inc , India (On-Site)

Intel Corporation - Principal System Security Architect

Intel Corporation, United States (Hybrid)

Razer - Senior Information Security Analyst

Razer, Malaysia (On-Site)

Sonar Source - Security Engineer

Sonar Source, United States (On-Site)

Get notifed when new similar jobs are uploaded