Rally Health is looking for a Senior Security Full Stack Engineer to join our IT Security team. This type of role is for a unique personality set that thrives on Full Stack / web development and DevOps projects. Security team members work closely with application development, marketing, IT and operations groups across Rally Health to ensure that new and existing technical solutions are implemented in a manner that preserve the confidentiality, integrity and availability of customer data and Rally Health intellectual property.

This individual will be a subject matter expert in the domain of Full Stack / web development / DevOps as it relates to servers, web services, and web applications. They will be working to architect, implement and manage internal-facing and external-facing web sites / tools / dashboards to help our corporate websites run smoothly as well as automating day to day tasks, security metrics and analytics.

Responsibilities

Qualifications

Education/Certifications

Rally Health is committed to ensuring that its workforce reflects America’s diverse population.  Rally Health knows that such diversity will enrich us with the talent, energy, perspective and inspiration it needs to achieve its mission.  Rally Health believes in a policy of equal employment and opportunity for all people based on merit and commitment to the principles of diversity.  It is our policy to recruit, hire, train, and promote individuals in all job titles, and administer all programs, without regard to race, color, religion, national origin or ancestry, citizenship, sex, age, marital status, pregnancy, child birth or related medical conditions, personal appearance, sexual orientation, gender identity or expression, family responsibilities, genetic information, disability, matriculation, political affiliation, veteran status, union affiliation, or any other category protected by applicable federal, state or local laws.

Individuals with disabilities and veterans are encouraged to apply.  Applicants who require an accommodation related to the application and/or review process should notify Jin Yoo, Sr. Manager - Talent Acquisition (recruiting@rallyhealth.com). 

Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records

Desired Skills and Experience

  • Full stack support for corporate websites.
  • Implement new technical solutions to accommodate new goals and feature requests for corporate websites.
  • Build custom tools and dashboards for security analytics and reporting.
  • Improve automation of daily operational tasks by leveraging vendor APIs, custom scripts and configuration management systems.
  • Perform security reviews of server / web application architecture and ensure compliance with Rally Health security policies and best security practices.
  • Analyze potential impact of new threats and exploits and communicate risks to relevant business units
  • Three or more years of technical experience in the systems engineering or software engineering field. Work experience in an environment certified and compliant with a globally recognized Security Framework / Information Security Management System (NIST SP 800-53, ISO27001, HIPAA, HiTrust, SOX, PCI) is a plus.
  • Working knowledge of web development within AWS (EC2, CloudFront, S3, IAM, VPC, Route53)
  • Proficient knowledge of Linux (Ubuntu, CentOS, RHEL)
  • Proficient knowledge of Chef and or Ansible.
  • Proficient knowledge of web servers (Apache, Nginx, IIS)
  • Proficient knowledge of a back-end programming language (PHP, Ruby, Python, Java)
  • Proficient knowledge of databases (Oracle, MySQL, PostgreSQL, MongoDB)
  • Proficient knowledge of HTML5, CSS3, XML, JSON, XSLT and JavaScript
  • Good understanding of code versioning tools (Git, BitBucket, SVN, CVS)
  • Good understanding of cryptography for data at-rest and data in-transit
  • Experience automating the administration of systems through scripting and APIs
  • Experience customizing and extending functionality of web application frameworks or content management systems
  • Ability to work extremely well under pressure while maintaining a professional image and approach
  • Exceptional information analysis abilities; ability to perform independent analysis and distill relevant findings and root cause
  • Strong analytical writing skills to articulate complex ideas clearly and effectively; experience creating and presenting documentation and management reports
  • Team player with proven ability to work effectively with other business units, IT Security management and staff, vendors, and consultants
  • Ability to present information to stakeholders and/or decision makers in an effective and professional deliverable
  • Bachelor’s degree in management information systems, computer science, or related discipline is required
  • Postgraduate degrees and certificate programs in relevant areas that demonstrate analytical writing will also be considered.