About Us:
At nFerence Labs, the "Google of Biomedicine" (See also nference.ai/news for more information on our research work especially pertaining to Covid19), we are building the world's first massive-scale platform for pharmaco-biomedical computing. Our platform is premised on using AI/Deep Learning (on clinical text, medical images, and other signals) and massive high-performance computing to help pharma companies perform faster and more efficient drug discovery, and also help early diagnosis of several key diseases.
We collaborate heavily with premier medical institutions such as the Mayo Clinic and build systems to get deep medical insights from patient information including patient notes and lab information, medical images, ECGs, etc. We are a well-funded company and are looking to grow on all fronts.
Our team is a blend of CS folks and domain experts (biological science and medical MDs, PhDs, etc) constituting a unique community built of alumni from the likes of MIT, Harvard, the IITs, IISc, and other premier institutions.
Responsibilities:
- Assist in implementing security tools and automation within CI/CD pipelines.
- Work closely with developers, operations engineers, and SRE teams to integrate security seamlessly into the software development lifecycle.
- Contribute to security testing activities, including threat modeling and vulnerability assessments.
- Implement secure-by-default configurations across AWS, Azure, and GCP environments.
- Learn, integrate, and automate cloud security tools using Python and Bash scripting.
- Support container and cloud security initiatives, including security assessments and remediation efforts.
- Monitor security alerts, improve DevSecOps pipelines, and assist with compliance-related activities.
- Contribute to the development, implementation, and maintenance of security policies and procedures.
- Stay current with emerging security threats, technologies, and industry best practices.
Role:
- 20% Security Testing, Threat modeling
- 30% Security Automation, AI
- 20% Cloud, Container Security Implementation
- 30% Business as Usual(BAU). (Alert Monitoring, Improving devsecops pipeline, compliance, etc.)
Required Skills & Qualifications:
- 0-1 years of experience in Cybersecurity, Application Security, DevSecOps, or a related field.
- Strong proficiency in Python and Bash scripting.
- Ability to build Docker images from scratch.
- Strong understanding of common web application vulnerabilities, including XSS, SQL Injection, SSRF, and XXE.
- Good understanding of authentication and authorization mechanisms such as SAML, OAuth, and JWT.
- Demonstrated passion for cybersecurity through projects, research, CTFs, bug bounty participation, or self-learning.
- Ability to learn quickly, adapt to new technologies, and solve complex technical problems.
Preferred Skills:
- Knowledge of Kubernetes and container orchestration.
- Familiarity with cloud platforms such as AWS, Azure, or GCP.
- Familiarity with CI/CD tools such as Jenkins and GitLab CI.
- Contributions to open-source projects or security tools.
- Experience with bug bounty programs, responsible disclosure, or published CVEs/security findings.
Bonus:
- A solid background in software engineering or data science, with the capability to collaborate closely with the engineering team by engaging in meaningful technical discussions, providing insights, and effectively bridging business and technical perspectives.
- Collaborate with clinical, engineering, and data science teams to translate healthcare domain insights into product strategies, ensuring compliance with regulations while enhancing patient and provider experiences.