At Dario, Every Day is a New Opportunity to Make a Difference.

We are on a mission to make better health easy. Every day our employees contribute to this mission and help hundreds of thousands of people around the globe improve their health. How cool is that? We are looking for passionate, smart, and collaborative people who have a desire to do something meaningful and impactful in their career.

Dario is seeking an Application Security Engineer to collaborate directly with our development teams to build and maintain secure applications. This role combines hands-on security expertise with software development skills to implement security best practices throughout the development lifecycle.

Responsibilities:

• Partner with development teams to conduct security design reviews and threat modelling sessions
• Perform security code reviews and penetration testing of web applications and APIs
• Implement security controls and features directly in application code
• Develop and maintain security testing automation frameworks
• Lead security incident response and vulnerability management efforts
• Create and maintain security documentation, guidelines, and training materials
• Document security testing results and drive closure of open issues.
• Monitor and evaluate emerging security threats and attack vectors
• Work closely with Development, Product teams in India and US.

• Bachelor's degree in computer science, Cybersecurity, Biomedical Engineering, or related field Bachelor's degree in Computer Science, Cybersecurity, Biomedical Engineering, or related field
• Strong understanding of medical device cybersecurity regulations (FDA pre/post market guidance)
• Experience with FDA design controls and software validation processes
• Knowledge of IEC 62304, ISO 14971, and other relevant medical device standards
• Knowledge of compliance frameworks (SOC 2, ISO 27001, GDPR)
• Demonstrated experience with security risk management in medical device development
• Experience with security testing tools (e.g., Burp Suite, OWASP ZAP)
• Knowledge of common web vulnerabilities, such as:
• SQL Injection
• Cross-Site Request Forgery
• Understand Exploitation Techniques: Privilege escalation, lateral movement and escalation.
• Knowledge of secure coding practices, cryptography, and authentication/authorization frameworks
• Familiarity with CI/CD pipelines and DevSecOps practices
• Knowledge of HIPAA compliance and healthcare data security
• Experience with container security and Kubernetes
• Strong communication skills and ability to explain security concepts to technical and non-technical stakeholders

***DarioHealth promotes diversity of thought, culture and background, which connects the entire Dario team. We believe that every member on our team enriches our diversity by exposing us to a broad range of ways to understand and engage with the world, identify challenges, and to discover, design and deliver solutions. We are passionate about building and sustaining an inclusive and equitable working and learning environments for all people, and do not discriminate against any employee or job candidate.​***