Sr. Security Analyst - Cloud Security & Application Security
Blink Health is a healthcare technology company that builds products to make prescriptions accessible and affordable to everybody. Our two primary products – BlinkRx and Quick Save – remove traditional roadblocks within the current prescription supply chain, resulting in better access to critical medications and improved health outcomes for patients.
BlinkRx is the world’s first pharma-to-patient cloud that offers a digital concierge service for patients who are prescribed branded medications. Patients benefit from transparent low prices, free home delivery, and world-class support on this first-of-its-kind centralized platform. With BlinkRx, never again will a patient show up at the pharmacy only to discover that they can’t afford their medication, their doctor needs to fill out a form for them, or the pharmacy doesn’t have the medication in stock.
We are a highly collaborative team of builders and operators who invent new ways of working in an industry that historically has resisted innovation. Join us!
- Design and implement Threat and Vulnerability Management program for AWS cloud and Engineering applications.
- Ensure alignment with the Security Pillar of AWS Well Architected Framework.
- Facilitate and review Threat modeling with Applications teams.
- Conduct Security architecture review of key application enhancements.
- Manage the operations of cloud security tools, triage and prioritize findings, work with stakeholders to fix defects.
- Manage the operations of source code scanning security tools (SAST), 3rd party modules scanning security tools (SCA), runtime application scanning security tools (DAST). Triage and prioritize findings, work with stakeholders to fix defects.
- Manage the operations of API security tools. Triage and prioritize findings, work with stakeholders to fix defects.
- Manage the operations of Data Security tools. Monitor, Identify, triage, and prioritize findings. Work with stakeholders to fix defects.
- Manage the operations of SIEM, ensure security logs are being sent to the SIEM, configure and find fund thresholds and alerts.
- Perform internal application pen tests. Identify, triage, and prioritize findings. Work with stakeholders to fix defects.
- Monitor alerts and respond to security incidents according to incident response plan.
- Monitor identity security including Periodic review of access logs, anomaly access and account review, excessive and outlier permissions, inactive accounts with high privileges.
- Prepare relevant metrics and status reports related to Cloud Security and Engineering Application Security
- Develop and maintain content for Cloud Security and Engineering Applications for Infosec CoE (Center of Excellence) and Product Security Baselines.
- Assists in the review and update of cyber security policies, architectures and standards.
- Assists in responding to audits, penetration tests and vulnerability assessments.
- Bachelor’s degree in computer science, cybersecurity or a related field
- 5+ years of experience in Information Security
- Certifications (CISSP) or equivalent is a plus. AWS Security certification is a plus.
- Experience in AWS Cloud Security
- Experience in OWASP Top Ten, API Security, Data Security, SAST, SCA, DAST
- Experience in WAF, IAM, DLP
- Experience in XDR, SIEM, SOC
- Familiarity with GitHub, Kubernetes
- Familiarity with Networking, VPN, Firewall
- Familiarity with Compliance Frameworks & Controls (HIPAA, PCI)
Why Join Us:
It is rare to have a company that both deeply impacts its customers and is able to provide its services across a massive population. At Blink, we have a huge impact on people when they are most vulnerable: at the intersection of their healthcare and finances. We are also the fastest growing healthcare company in the country and are driving that impact across millions of new patients every year. Our business model not only helps people, but drives economics that allow us to build a generational company. We are a relentlessly learning, constantly curious, and aggressively collaborative cross-functional team dedicated to inventing new ways to improve the lives of our customers.
We are an equal opportunity employer and value diversity of all kinds. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.