Security Engineer

  • Full time
  • Prague
  • Posted 1 week ago
Mobile (junior)
Ruby on Rails (regular)
AWS (regular)
Information Security (advanced)
Cybersecurity (advanced)

About the role

Physitrack, founded in 2012, is a digital healthcare company and the provider of a solution for patient engagement that encompasses clinical home exercise and education prescription, outcomes tracking and Telehealth for physical rehabilitation and prevention. Physitrack was born out of a desire to create a more effective way to prescribe exercise programs, as well as improve patient outcomes and reduce unnecessary wastage in healthcare systems around the world.
Physitrack is used by 100,000+ healthcare professionals in 102 countries, including physical therapists, MDs, surgical specialists, exercise physiologists and chiropractors in public and private healthcare. Physitrack has been a key part of Apple’s Mobility Partner Program since 2015.
We are looking for passionate security engineer willing to take ownership of the security process and tools for their teams. The main responsibilities of this role are to help a team deliver high-quality software taking security considerations into account and providing guidance to backend, frontend and mobile teams.
To excel at this role, you need to be passionate about DevSecOps. Knowledge about cloud platform security practices and interest in developing security tooling are important as well. You will have a chance to develop security-oriented tools and processes from conception to completion.

What you’ll be doing

  • Working closely with developers, acting as a Subject Matter Expert in security threats, vulnerabilities, risks & controls.
  • Working independently and collaboratively with a development team to support their activities.
  • Taking ownership of the security side of our AWS infrastructure, Ruby on Rails application as well as iOS and Android apps.
  • Support the teams with ongoing security risk assessments of new and in-flight projects.
  • Proactively test the security posture and guide the remediation work for identified application security risks and vulnerabilities.
  • Identify opportunities for vulnerability remediation and mitigation
  • Develop tools, documentation, processes, and techniques to ensure the security of our software
  • Share your experience with the organization to foster a culture of excellence 

What you bring to the role

  • Track record of application security testing, and analysis in modern development environments.
  • Hands-on software engineering experience, proficiency with at least one scripting/programming language.
  • Experience with AWS-hosted applications
  • In-depth knowledge of OWASP guidelines
  • Familiarity with concepts like Identity, Data protection, Monitoring, and IR in the cloud services space
  • Solid knowledge of security testing tools and techniques
  • Being a strong communicator (in English) who is comfortable working cross-functionally, with a track record of delivering results and demonstrating strong ownership.
Bonus points
  • Experience as a hands-on developer in Ruby or DevOps role
  • Prior engagement in security efforts for mobile applications

What we offer

  • Full ownership of the projects you work on.
  • Proper work-life balance
  • Flexible work hours in a distributed, remote-first engineering team
  • Async work with as few meetings through the week as possible
  • Small, just forming team
  • What you will be doing will have a real impact on customers’ health and life.
  • Teams of passionate people who love what they do.
  • Exciting projects, the ability to implement your own ideas and improvements.
  • Opportunity to learn and grow.
  • All teammates get 20 days of regular PTO
  • Regular team retreats in some amazing locations around the world
  • Modern hardware
Interested? Apply now, or email us any questions! You can reach out directly to the hiring manager for this role <a href="https://

To apply for this job please visit