Software Engineer, Security

Doximity is transforming the healthcare industry. Our mission is to help doctors be more productive, informed, and connected. As a software engineer, you’ll work within cross-functional delivery teams alongside other engineers, designers, and product managers in building software to help improve healthcare.

Our team brings a diverse set of technical and cultural backgrounds and we like to think pragmatically in choosing the tools most appropriate for the job at hand.

What we’re looking for

You’re a software engineer with years of experience and a deep understanding of software engineering practices.
You either have experience with security or really want to dive in headfirst and learn.
You are not afraid of:
- Reading, reviewing, and implementing our implementation of the oauth spec.
- Getting dirty with CORS, CSRF, XSS, etc
You’re proficient in:
- Ruby, Python, or Golang. Not afraid to learn the rest.
- Javascript
You have experience working with Terraform and Chef (or similar tooling).
You are proficient with Linux/Unix, AWS, and Git.
You are self-motivated and able to manage yourself and your own queue.
You are a problem solver with a passion for simple, clean, and maintainable solutions.
You agree that concise and effective written and verbal communication is a must for a successful team.
You are able to maintain a minimum of 5 hours overlap with 9:30 to 5:30 PM Pacific time.
You can dedicate about two weeks per year for travel to company events.

Here’s How You Will Make an Impact

Help maintain our private security bug bounty program hosted on hackerone: this involves engaging security researchers, validating security finds, determining impact/risk, awarding bounties, and fixing or coordinating remediation efforts.
Help set good security posture; this includes finding bad security habits in applications and encapsulating good secure defaults into libraries/modules, creating training materials for application developers, etc.
Work side-by-side with the rest of the infrastructure, application, and data teams to empower all of engineering to move quickly while meeting security requirements.
Design and implement secure and easy-to-use tooling and abstractions for other teams to leverage.
Active involvement in the design, implementation, and maintenance of the development, staging, and production infrastructure.
Participate in an on-call rotation for the services owned by your team.
Help ensure the stability and uptime of services within the organization.
Create concise post-mortems in the event of an outage.
Write and maintain run-books for other engineers to leverage.
Ensure proper security, monitoring, alerting, and reporting.

About Doximity

Here are some of the ways we bring value to doctors
Our web applications are built primarily using Ruby, Rails, Javascript (Vue.js), and Golang
Our data engineering stack run on Python, MySQL, Spark, and Airflow
Our production application stack is hosted on AWS and we deploy to production on average 50 times per day
We have over 350 private repositories in Github containing our applications, forks of gems, our own internal gems, and open-source projects
We have worked as a distributed team for a long time; we’re currently about 65% distributed
Find out more information on the Doximity engineering blog
Our company core values
Our recruiting process
Our product development cycle
Our on-boarding & mentorship process

Benefits & Perks

Generous time off policy
Comprehensive benefits including medical, vision, dental, Life/ADD, 401k, flex spending accounts, commuter benefits, equipment budget, and continuous education budget
Pre-IPO stock incentives
.. and much more! For a full list, see our career page