DevSecOps Engineer

About us

Joint Academy is a global leader in delivering digital treatment for chronic joint pain, connecting patients with licensed Physical Therapists. Backed by science, our treatment is based on a clinically validated face-to-face treatment and includes individualized exercises, interactive education and tracking tools. The intersection of digital treatment and data science opens up to new possibilities of treating patients in a sustainable and more personal way, while reducing pain and improving quality of life.

Our Tech

Our tech department consists of 50+ developers aiming for creating a scalable and user friendly tech platform which can easily be released in several countries with great patient value. We balance the fast pace required in a startup with continual investment in frameworks, tools and practices to keep our platform healthy in the long term. The tech team will continue to grow the coming year.

What You'll Do

As an early joiner in our DevSecOps team, this will be a key role and unique opportunity to influence how we integrate security into our development process. You will join a team of dedicated and skilled software professionals building a cutting-edge e-health platform. In this role you will provide leadership in the DevSecOps areas of Vulnerability Scanning, Certificate Management, Data Analysis of security monitoring outputs, coordination of Remediation Patching, and other daily Security and Compliance efforts. You will also assist in developing an automated security framework for robust deployment tools and processes, leveraging various scripting languages and open source solutions.

We believe that you have experience in

• DevOps Automation
• Familiarity with API Security, Container Security, AWS Cloud Security
• Knowledge of privacy laws and regulations for example HIPAA HITECH and GDPR
• Familiarity with Amazon AWS Policy, Configuration, and Security Management tools
• Experience with security automation

Other keys things we would value

• Bachelor's Degree in Computer Science or related field.
• Experience working with Developers, DevOps, and Engineering teams in a dynamic environment to promote/implement the DevSecOps program throughout the organization.
• Experience coordinating and performing vulnerability assessments through the use of automated and manual tools.
• Ability to review and analyze vulnerability data to identify security risks to the organization's network, infrastructure, and application's and determine any reported vulnerabilities that are false positives.
• Capability to prepare security vulnerability and risk management reports for management.
• Leadership and Teaming skills to coordinate remediation of vulnerabilities within established timeframes.
• Proficiency in Python or other scripting languages.
• Experience implementing Information Security frameworks and standards
• Experience configuring, implementing and leveraging computer security and networking diagnostic/monitoring tools.
• Ability to work with APIs and Plugins to integrate security tools into established CI/CD pipelines.
• Assist the Compliance team in developing tooling and dashboards to ensure continuous compliance
• You hold a permanent Swedish job permit. It's an advantage if you are based in the Skåne region, but we are open for remote work within Sweden.

Benefits

• You will work with something meaningful and a product that has a positive impact on many people's lives globally
• You will have the opportunity to work with a unique mix of people with different expertise, including leading academic scientists, medical professionals and experienced product developers
• 30 days paid vacation
• Pension and insurance package
• Flexible working hours
• Wellness contribution and workout during working hours
• Weekly techatons and a budget for competence development
• Modern office in Malmö with great views of the city, only 400 meters from Malmö central station - or work remotely in the comfort of your own home