We are a 100+ person team funded by top-tier firms, based in Santa Monica, CA with satellite offices in San Francisco. We are a low-key but tight-knit group of hard-working people working to solve big problems. Americans spend almost $400 billion per year on prescription drugs and people are often unable to afford medications they desperately need. Join GoodRx and help us solve meaningful problems that help us make people’s lives better.
About the Role: GoodRx is looking for a hands-on Senior Security Engineer to keep information safe and eliminate risks across our products and internal systems. This individual will collaborate with GoodRx’s Lead Security Engineer and engineering team to ensure our services are well vetted and maintained. The Sr. Security Engineer will be technically savvy, a strong multitasker and be one step ahead to ensure consistent coverage and eliminate any room for vulnerabilities.
Design and develop security testing scenarios and perform ongoing security testing and code review to improve our security posture.
Conduct research on emerging products, services, and standards in support of security enhancement and development efforts.
Maintain our security monitoring solutions and make changes when needed to improve visibility and relevancy of alerting.
Serve as the security expert and communicate information security-related concepts to technical and non-technical team members.
Help oversee the organizations bug bounty program and work with independent security researchers as needed.
Work directly developers and product managers to help define security requirements for new projects and products.
Skills & Qualifications:
Knowledge and experience complying with various security standards and best practices, particularly related to high traffic consumer facing websites.
Expert technical knowledge of database and Linux operating system security
Minimum 5 years' experience in the field of application security.
Minimum 3 years’ experience with Amazon Web Services products and services. (EC2,S3,RDS,Macie,Lambda,etc.)
Degree in Computer Science or equivalent experience.
Red/Blue team or relevant experience with modern penetration testing tools.
Experience with PCI / SOX / SOC-2 / HIPPA audits a plus.
Strong knowledge of web application design, development and testing techniques
Strong capacity for debugging web application and security issues.
You enjoy researching the latest IT security trends.
Strong problem solving and creative skills and the ability to exercise sound judgment and make decisions based on accurate and timely analyses.
About GoodRx GoodRx is America’s leading prescription price transparency platform. More than 8 million people use the GoodRx website and our mobile apps each month. GoodRx helps consumers save up to 80% on their medications by delivering prices and available discounts at nearly every pharmacy in the U.S. Thousands of physicians and employees use GoodRx, and its services have been positively reviewed by Good Morning America, the American Heart Association, The New York Times, ABC News, AARP, Forbes and many others.