Application Security Engineer

At Dario, every day presents a new opportunity for you to make a difference by contributing to our mission of making better health easily accessible. You will be part of a team that helps hundreds of thousands of individuals worldwide improve their health. Imagine the impact you can have by being passionate, smart, and collaborative in your career with us. As an Application Security Engineer at Dario, your primary role will involve collaborating directly with development teams to ensure the creation and maintenance of secure applications. This position requires a combination of hands-on security expertise and software development skills to implement security best practices throughout the development lifecycle. Your responsibilities will include partnering with development teams to conduct security design reviews and threat modeling sessions, performing security code reviews and penetration testing of web applications and APIs, implementing security controls and features directly in application code, developing and maintaining security testing automation frameworks, leading security incident response and vulnerability management efforts, creating and maintaining security documentation, guidelines, and training materials, documenting security testing results and driving closure of open issues, monitoring and evaluating emerging security threats and attack vectors, and working closely with Development and Product teams in India and the US. To qualify for this role, you should have a Bachelor's degree in Computer Science, Cybersecurity, Biomedical Engineering, or a related field. Additionally, you should possess a strong understanding of medical device cybersecurity regulations, experience with FDA design controls and software validation processes, knowledge of relevant medical device standards, familiarity with compliance frameworks, demonstrated experience with security risk management in medical device development, proficiency with security testing tools, knowledge of common web vulnerabilities, understanding of exploitation techniques, familiarity with secure coding practices, cryptography, authentication/authorization frameworks, knowledge of CI/CD pipelines and DevSecOps practices, understanding of HIPAA compliance and healthcare data security, experience with container security and Kubernetes, strong communication skills, and the ability to explain security concepts to technical and non-technical stakeholders. At DarioHealth, we value diversity of thought, culture, and background. We strive to create an inclusive and equitable working environment for all employees and job candidates, without discrimination based on any factor. Join us in enriching our diversity and contributing to our mission of improving global health outcomes.,