Product Security Engineer

Beam Dental

Beam Dental

Other Engineering, Product
Columbus, OH, USA
Posted on Wednesday, April 19, 2023
About Beam
Beam was founded in 2012 by three engineers who saw the opportunity to modernize the dental benefits industry using technology. The first product was the Beam Brush, which was one of the earliest examples of the Internet of Things in healthcare.
Today, Beam Benefits is available in 40+ states and has expanded beyond dental. Beam is now simplifying and modernizing a robust suite of ancillary employee benefits through an intuitive digital platform, self-service tools, AI-powered pricing, support from Beam’s helpful representatives, and a unique Beam Perks™ rewards program. This winning combination allows us to deliver a simple, smart, and wellness-focused experience for brokers, employers, and members.
Joining Beam Benefits Means
• Working in a complex and dynamic business, simultaneously operating across insurance, CPG manufacturing, IoT, and dental services
• Being supported and encouraged to improve every day by working collaboratively with a diversely skilled team
• Engaging in an energizing, committed, and fun work environment
• Being empowered as an ‘owner’ of your subject matter and work
• Joining in our mission to forever change the way people access benefit
• Being a person of high character, high EQ, and amazing talent
What We're Looking For
Beam is looking for Product Security Engineers to join our IT Security team. Our Product Security Engineers are responsible for proactively finding issues in our applications and infrastructure, and for building out tooling and processes that enable our technology organization to move quickly without sacrificing the safety of our customer data.
What You Will Bring
You're an experienced Application/Product Security Engineer with a background in application development. You have a knack for finding flaws in software and infrastructure, and an ability to effectively work with other engineers to form a plan and fix those gaps. You believe in spreading security knowledge throughout the technology organization, by focusing on teaching and working with other engineers to implement best practices.

What You Will Do

  • Develop general techniques and frameworks that will enable other teams to find flaws before they are introduced into production
  • Be a security subject matter expert and respond to any internal security engineering questions/requests
  • Work with product engineers to help design solutions that are inherently secure
  • Perform technical security assessments of our web applications, mobile clients, cloud services, and partner applications
  • Perform reactive incident response when a security event occurs
  • Prepare for, conduct, and report on external and internal audits, ensuring overall adherence to policy standards
  • Communicate risks to technical staff through training and demonstration of vulnerabilities and secure design patterns
  • Coordinate across internal and external stakeholders to ensure full compliance within our technical stack

What Technical Skills Will Help You be Successful

  • Knowledge of common security flaws and resolution as published by OWASP, SANS, etc.
  • Familiarity with common web application testing tools for DAST, SAST, and IAST analysis such as Burp Suite, Checkmarx, Veracode
  • Knowledge of authentication mechanisms like SAML, OAuth, etc.
  • 3+ years of experience in software development in a production environment
  • Experience with Ruby, Python, and Node
  • 3+ years of experience working with cloud infrastructure
  • Experience in a HIPAA-compliant environment is a huge plus
Visa sponsorship or transfer not available for this position.
Beam believes a diverse and inclusive environment is key to building a great company and a great product. We are committed to creating an environment that is welcoming for people of all backgrounds, and encourage everyone to apply. Beam is an Equal Opportunity Employer and does not discriminate on the basis of race, color, gender, sexual orientation, gender identity or expression, religion, disability, national origin, protected veteran status, age, or any other status protected by applicable national, federal, state, or local law.