Application Security Engineer

Columbus, OH
Engineering
Full Time
About Beam

Beam Dental was founded in 2012 by three engineers who saw the opportunity to make dental services more accessible using technology. The beam brush, which launched the company, was one of the earliest examples of the ‘Internet of Things’, where everyday objects can enable incredible new understanding and capability. Today, Beam Dental has parlayed its industry passion into the fastest growing provider of dental insurance in the US, with a mission to offer businesses best in class dental coverage and close the gap on the over 100 million Americans who don’t have dental insurance today.

Joining Beam Dental Means

• Working for a complex and dynamic business, simultaneously operating across insurance, CPG manufacturing, IOT, and dental services
• Being challenged to improve every day by a diverse and diversely skilled team
• An active, intense, and fun work environment
• Being a decision maker and ‘owner’ of your subject matter
• Joining in our mission to forever change the way people access dental services
• Being a person of high character, high EQ, and amazing talent

The Role

Beam is looking for Application Security Engineers to join our Engineering team. Our Application Security Engineers are responsible for proactively finding issues in our applications and infrastructure, and for building out tooling and processes that enable our engineering organization to move quickly without sacrificing the safety of our customer data.

What you will bring:

You're an experienced Software Engineer with a background working in application security. You have a knack for finding flaws in software and infrastructure, and an ability to effectively work with other engineers to form a plan and fix those gaps. You believe in spreading security knowledge throughout the engineering organization, by focusing on teaching and working with other engineers to implement best practices.

What you will do:

    • Develop general techniques and frameworks that will enable other engineering teams to find flaws before they are introduced into production
    • Be a security subject matter expert and respond to any internal security engineering questions/requests
    • Work with product engineers to help architect solutions that are inherently secure
    • Perform technical security assessments of our web applications, mobile clients, internal services, and partner applications
    • Perform reactive incident response when a security event occurs
    • Prepare for, conduct, and report on external and internal audits, ensuring overall adherence to policy standards
    • Communicate risks to engineering staff through training and technical demonstration of vulnerabilities and secure design patterns
    • Coordinate across internal and external stakeholders to ensure full compliance within our technical stack

What technical skills will help you be successful:

    • Knowledge of common security flaws and resolution as published by OWASP, SANS, etc.
    • Familiarity with common web application testing tools for DAST, SAST, and IAST analysis such as Burp Suite, Checkmarx, Veracode
    • Knowledge of authentication mechanisms like SAML, OAuth, etc.
    • 2+ years of experience in software development in a production environment
    • 2+ years of experience working with cloud infrastructure
    • Extremely strong communication skills and high empathy
    • Experience in a HIPAA-compliant environment is a huge plus
Visa sponsorship or transfer not available for this position.

---------------------------------------
Beam believes a diverse and inclusive environment is key to building a great company and a great product. We are committed to creating an environment that is welcoming for people of all backgrounds, and encourage everyone to apply. Beam is an Equal Opportunity Employer and does not discriminate on the basis of race, color, gender, sexual orientation, gender identity or expression, religion, disability, national origin, protected veteran status, age, or any other status protected by applicable national, federal, state, or local law.