Application Security Engineer

Columbus, OH (or Remote) /
Technology – Engineering /
Full Time
About Beam

Beam Dental was founded in 2012 by three engineers who saw the opportunity to modernize the dental insurance industry using technology. The first product was the Beam Brush, which was one of the earliest examples of the Internet of Things in healthcare. Today, Beam Dental is the fastest growing provider of dental benefits in the country and is available in over 40 states around the US. Beam’s product focuses on ease of use, tailored pricing, and a unique commitment to preventative care by incorporating dental hygiene behavior into policy pricing.

Joining Beam Means

• Working in a complex and dynamic business, simultaneously operating across insurance, CPG manufacturing, IoT, and dental services
• Being supported and encouraged to improve every day by working collaboratively with a diversely skilled team
• Engaging in an energizing, committed, and fun work environment
• Being empowered as an ‘owner’ of your subject matter and work
• Joining in our mission to forever change the way people access benefit
• Being a person of high character, high EQ, and amazing talent

The Role

Beam is looking for Application Security Engineers to join our Engineering team. Our Application Security Engineers are responsible for proactively finding issues in our applications and infrastructure, and for building out tooling and processes that enable our engineering organization to move quickly without sacrificing the safety of our customer data.

What you will bring:

You're an experienced Software Engineer with a background working in application security. You have a knack for finding flaws in software and infrastructure, and an ability to effectively work with other engineers to form a plan and fix those gaps. You believe in spreading security knowledge throughout the engineering organization, by focusing on teaching and working with other engineers to implement best practices.

What you will do:

    • Develop general techniques and frameworks that will enable other engineering teams to find flaws before they are introduced into production
    • Be a security subject matter expert and respond to any internal security engineering questions/requests
    • Work with product engineers to help architect solutions that are inherently secure
    • Perform technical security assessments of our web applications, mobile clients, internal services, and partner applications
    • Perform reactive incident response when a security event occurs
    • Prepare for, conduct, and report on external and internal audits, ensuring overall adherence to policy standards
    • Communicate risks to engineering staff through training and technical demonstration of vulnerabilities and secure design patterns
    • Coordinate across internal and external stakeholders to ensure full compliance within our technical stack

What technical skills will help you be successful:

    • Knowledge of common security flaws and resolution as published by OWASP, SANS, etc.
    • Familiarity with common web application testing tools for DAST, SAST, and IAST analysis such as Burp Suite, Checkmarx, Veracode
    • Knowledge of authentication mechanisms like SAML, OAuth, etc.
    • 2+ years of experience in software development in a production environment
    • 2+ years of experience working with cloud infrastructure
    • Extremely strong communication skills and high empathy
    • Experience in a HIPAA-compliant environment is a huge plus
Visa sponsorship or transfer not available for this position.

Visa sponsorship or transfer not available for this position.
Beam believes a diverse and inclusive environment is key to building a great company and a great product. We are committed to creating an environment that is welcoming for people of all backgrounds, and encourage everyone to apply. Beam is an Equal Opportunity Employer and does not discriminate on the basis of race, color, gender, sexual orientation, gender identity or expression, religion, disability, national origin, protected veteran status, age, or any other status protected by applicable national, federal, state, or local law.