Senior Security Engineer

Job Description

At Accurx, we're on a mission to make patients healthier and healthcare staff happier.

Who are Accurx?

We’re a fast-growing health technology company which makes it easier for patients and healthcare teams to communicate.

Accurx is where conversations happen with and about patients. Our software helps doctors, nurses, pharmacists and administrators and other professionals to seamlessly connect with both patients and each other.

Our mission is simple: everything we do is to make patients healthier and healthcare staff happier. Today, Accurx is used in 98% of GP practices nationwide and every day more healthcare professionals are using our software in hospitals, pharmacies, care homes and the community.

We’re passionate about staying close to our users, which is why everyone at Accurx visits a GP practice at least twice a quarter to understand how a practice runs, the difficulties they face with technologies and how we can help.

Although we’ve initially tackled the UK healthcare system, we have big ambitions to improve healthcare systems across the world in the future. You can view more about the impact we’ve had so far here.

Life as a Senior Security Engineer at Accurx

This is a fantastic opportunity as you will be the first dedicated security engineer within the team. We expect the team to grow as we grow, and it will initially be your responsibility to work with our CISO to continue building on our current security practices to enable the operations of a successful and high performing function. At Accurx we believe in security by design, all AccuFolk are secure first as part of our culture. You will help drive this culture forward through the continuous design and implementation of technical security controls across the business. You will do this by working with our product engineering, DevOps and IT operations teams to ensure the highest standards of security around patient data!

Your main responsibilities will include:

• Recommending and implementing technical controls and solutions to mitigate risks identified throughout the organisation’s development life-cycle.
• Working with our product engineering function to design application security related product features across our products to enhance the value and security of our products.
• Testing technical controls through vulnerability and penetration testing of our applications and infrastructure setup, to ensure the security of personal and patient data.
• Deliver secure code training to our engineers.
• Helping our organisation define its security strategy, working with our CISO to do so.
• Working with third-party suppliers to ensure proper testing of our applications.
• Research, design and develop methods of applying automated controls against known and common security attack patterns;
• Driving the adoption of container security including:
• The security of our Kubernetes clusters, access control, security operators and more;
• Drive container security initiatives including container scanning and base container image hardening
• Owning application security testing tools (i.e. SAST, DAST) to maintain application security baseline;

“It is such a privilege to work with a company that is having such a huge impact on healthcare! Being part of the security team at Accurx means you will form part of a core function that is working tirelessly to make sure our products and our data are secure, enabling our colleagues to focus on continuing to improve patient care!” Diane, CISO

We'd really like to hear from you, if ...

• You've got experience working as a Security Engineer or as a Security Consultant
• You have experience improving and defining information and product security processes, or helping define an organisation's strategy
• You have experience coordinating and performing security pentests, tying automated tools with manual exploitation of the industry’s latest information security vulnerabilities;
• You have experience in application security or ensuring the security of SaaS products
• You have done security development work (i.e. you've enough programming experience to write scripts to integrate security products)
• You have some experience in security testing and remediation of findings
• You have experience explaining complex security concepts to engineers and non-technical colleagues
• You have an understanding of web and desktop application security weaknesses
• You're mission-driven and care about positively impacting the lives of billions
• You're passionate about improving healthcare
• You're excited by change and a fast-paced learning environment
• You love solving problems, and relish in the constant challenges a startup throws your way
• You're an excellent communicator with the ability to translate complex to simple, bringing your ideas to life - Ability to demonstrate and communicate how vulnerabilities can be exploited
• When you see something not working, you'll flag it and be part of the solution
• You share our values

Salary & Benefits package:

• £100,000 - £120,000 + the value of £80,000 share options (see our public progression framework and salary bandings)
• £1,000 annual learning & development budget and a £500 annual wellness budget
• Enhanced parental leave policy
• Prayer, meditation and breastfeeding room
• In house therapists available daily
• Working abroad policy
• We have our very own Chef! Free healthy breakfasts, snacks and lunches will be provided, with the occasional sweet treat!
• And much more.

Hybrid workplace

We offer the team the option to work from home 2 days a week. Read more about our policy here.

Want to do a little more research before you apply?

Head over to our main careers page to find out more about the team and our employee handbook. You can also find out more about us on Medium, LinkedIn and Twitter & Instagram.

Our YouTube channel is full of demos of our product, webinars we have held with our users and some clips about life at Accurx.

Diversity & Inclusion

Accurx is committed to being an inclusive employer - you can find out more about this commitment here. As part of this, we’re glad to accommodate candidates who need adjustments throughout the interview process.

We work in partnership with Stonewall as part of their Diversity Champions program. This is because we believe in a world where all LGBTQ+ people are free to be themselves and can live their lives to the full. Inclusive workplaces have a huge part to play in making this world a reality.

We've officially been accredited as a flexible workplace by Flexa® Careers.