Are you ready to protect the security and privacy of our patients to ensure the best user experience of the top European healthcare product used and loved by millions of patients and doctors? If so, we are looking for a skilled, passionate Application Security Engineer who loves to reveal potential security issues, fix them, and communicate about them, along with crafting solutions to rule out those weaknesses.
We are responsible for keeping millions of users' health records safe and private. That's why we want to build the best team in order to maintain a state-of-the-art, healthcare-compliant information system and product.
Examples of our current challenges:
- Define a seamless and efficient password policy to secure users' access to Doctolib
- Train developers on common web vulnerabilities like SQLi or XSS
- Build security tests to detect vulnerable functionalities in the product
What you will do:
- Perform security assessments of Doctolib's existing and upcoming features and products
- Review code and design of our products
- Fix vulnerabilities
- Maintain and contribute to Doctolib’s Secure Development Lifecycle
- Help our product owners to ship ‘secure by design’ features
- Contribute to Doctolib’s bug bounty program
- Raise our developers' awareness of security best practices
- Create security tests to avoid any regression
Your profile:
- You are passionate about application security and development!
- Security assessments of web applications hold no secrets for you!
- You have a strong understanding of common and uncommon web application vulnerabilities and mitigations (OWASP Top 10)
- You are familiar with, or eager to learn about, security vulnerabilities specific to Ruby on Rails
- You have a good understanding of security in distributed systems at scale
- You speak English and French fluently
- You are able to collaborate with all people working in the company (tech & non-tech)
- You are autonomous, pragmatic & have good structuring skills
- You proactively contribute to Doctolib’s security
What we offer you:
- A team of 1000 amazing people, passionate about a common project
- Time and budget for self-development: participation in conferences & free time dedicated to preparing talks for meetups and conferences
- Great office in Levallois!
- A few DoctoParties, DoctoMonthly Meetings, DoctoBeers, DoctoWeek-ends...
- The opportunity to revolutionize a whole industry!
- Contract: full-time position
- Start: as soon as possible
- Location: Levallois (relocation package if needed)
- Package: attractive salary depending on profile
Who we are:
Founded in 2013, Doctolib is the fastest growing and largest ehealth startup in Europe.
For patients, Doctolib is a free online service which enables them to find a nearby health practitioner, book appointments 24/7 within a few clicks and manage medical bookings.
For doctors and hospitals, Doctolib is software with a full range of services dedicated to improving their day-to-day organization, developing their practice, building a premium patient experience and allowing them to collaborate more easily with referring doctors. We commit to delivering user-friendly tools & services with the goal of improving people's health and the quality of life of people working in healthcare. We are particularly focused on building an organisation where people thrive, grow in their careers, and enjoy having high impact through their work.
Doctolib in a nutshell
- We collaborate with 100K doctors and 2K healthcare facilities including some of the most important hospitals in France (AP-HP) and Germany.
- We gather 45 million patients on our platform each month with significant growth
- We are 1,000 Doctolibers located in 35 offices (France and Germany) with our headquarters in Paris.
- We have raised €150m from Accel Partners (investor in Facebook, Spotify, Dropbox...), Bpifrance (Sigfox, Withings, Parrot), Kerala Ventures, Eurazeo and some entrepreneurs (Nicolas Brusson (BlaBlaCar), Pierre Kosciusko-Morizet (PriceMinister), Ludwig Klitzsch (CoMedicum), Bertrand Jelensperger (TheFork)...).
The 5 Core Values of Doctolib: the « SPAAH »
- Service: Delivering an outstanding service.
- Passion: Being passionate and creating fun.
- Ambition: Being ambitious, with no limits.
- Attack: Being determined.
- Humility: Being humble and sensitive to others.