Senior Security Engineer (Cybersecurity)

TL;DR

Senior Security Engineer (Cybersecurity): Designing, implementing, and automating robust security controls across application stack and cloud environments (primarily AWS) with an accent on access management, vulnerability remediation, and compliance. Focus on building scalable automation using Python, Go, and Terraform, developing custom detection rules, and ensuring PHI protection under HIPAA.

Location: Remote (US-based, zone-dependent compensation)

Salary: Zone A: $128,130 - $180,990; Zone B: $140,943 - $199,089; Zone C: $153,756 - $217,188; Zone D: $166,569 - $235,287 + equity + benefits

Company

Healthcare company delivering integrated virtual care and navigation to raise the standard of care for everyone.

What you will do

• Design and implement JIT access controls, PAM workflows, and least-privilege models for cloud and applications.
• Lead security tools in CI/CD (SAST, DAST, SCA, secrets scanning) and develop custom detection rules.
• Build automation for vulnerability management, triage, and security operations using Python, Go, Terraform, and Tines.
• Implement encryption strategies, manage key lifecycles, and design secure cloud architectures (VPCs, IAM, WAF).
• Deploy DLP policies, endpoint security (EDR/XDR like CrowdStrike), and hardening standards via MDM.
• Conduct threat modeling, secure design reviews, and partner with teams as embedded security expert.

Requirements

• 6+ years in security engineering with hands-on app and cloud security (AWS preferred)
• Proficiency in Python or Go for automation
• Expertise in 2+ areas: app/SDLC security (SAST/DAST/SCA), security automation (SOAR/Terraform), cloud security (IAM/WAF), identity/encryption, or endpoint/DLP
• Experience with containers (Docker, Kubernetes)
• Experience in healthcare, fintech, or regulated industries
• Excellent communication to explain risks to stakeholders

Nice to have

• Mobile app security (iOS/Android)
• AI security and LLM governance
• SaaS security (SSPM) program experience
• Software dev, DevOps, or SRE background
• Incident response, threat hunting, forensics
• Certifications: CISSP, GIAC, AWS/GCP Security, OSCP, etc.
• Open-source contributions or security community participation

Culture & Benefits

• Remote-first culture with work-from-home reimbursement
• 401(k) through Fidelity
• Comprehensive medical, vision, dental, disability insurance
• PTO, DTO, 12 weeks paid parental leave, family building benefits
• Equity and zone-based competitive compensation