Welldoc

Cyber Security Engineer

Welldoc  •  Bengaluru, IN (Remote)  •  7 days ago
Apply
Save Job
Mark Applied Mark Interviewed Mark Offered
Hide Job Report Job
AI can make mistakes so check important info. Chat history is never stored.

Job Description

-

We are looking for a Security Engineer with less than six years of cybersecurity experience who has a solid grasp of the CIA Triad and hands-on experience with Threat Modeling and Risk Assessments. You should have a deep understanding of the OWASP Top 10 and the MITRE ATTACK framework.


JOB DUTIES:

  1. Secure Architecture & Threat Modeling
    Conduct Threat Modeling and Risk Assessments using the STRIDE methodology during the design phase of the SDLC.
    Develop and maintain Security Architectural Diagrams that define network segmentation, trust boundaries, and data flow across cloud environments.
    Apply the CIA Triad (Confidentiality, Integrity, and Availability) to every architectural decision, balancing security with system performance.
  2. Vulnerability Management & Remediation
    Execute and oversee SAST and DAST programs (utilizing tools like Veracode) to identify code-level and runtime flaws.
    Perform deep-dive analysis of CVEs and third-party library risks; spearhead the creation of the SBOM (Software Bill of Materials).
    Partner with development teams to document security issues and provide a clear, actionable & Plan to Fix & for identified flaws.
  3. Identity & Access Management (CIAM)
    Design and implement secure authentication and authorization flows using SAML 2.0 and OpenID Connect (OIDC).
    Provide subject matter expertise on CIAM best practices to ensure seamless yet secure user experiences and APIs security.
  4. DevSecOps & Automation
    Automate security scanning and policy enforcement within the DevOps CI/CD pipeline.
  5. Coordinate with Development and QA team
    Understands the concept of CVE, CWE and CVSS and can work on prioritizing the security related issues with high-risk scores and work with development and QA team to fix the security issues and execution of security test cases.

YOU MUST HAVE:

  • Excellent documentation and communication skills
  • Deep understanding of Threat modeling and Risk Assessment
  • Good understanding of cloud environments and security
  • Certifications: CEH, CISSP, AZ500
Welldoc

About Welldoc

Health meets simplicity.

Welldoc’s AI-driven platform delivers personalized, actionable insights, empowering individuals and their care teams to achieve better health outcomes.

Industry
Healthcare & Social Services
Company Size
201-500 employees
Headquarters
Columbia, Maryland
Year Founded
2005
Website
welldoc.com
Social Media