Product Security Engineer (Healthcare)

180 000 - 258 000$

Формат работы

onsite

Тип работы

fulltime

Грейд

senior

Английский

Страна

Вакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:

TL;DR

Product Security Engineer (Healthcare): Building and maintaining secure-by-design infrastructure for a medical billing platform with an accent on threat modeling, CI/CD security integration, and vulnerability management. Focus on automating security gates, implementing secure coding standards, and ensuring compliance with healthcare-specific regulations like HIPAA.

Location: Must be based in San Francisco (CA), Denver (CO), or New York (NY)

Salary: $180,000 - $258,000 USD

Company

hirify.global is a well-funded startup rethinking medical billing through data science and automation to reduce administrative overhead in the US healthcare system.

What you will do

Lead threat modeling sessions during architectural design phases for new features.
Drive the adoption of Shift Left security practices by integrating SAST, DAST, and SCA tools into developer workflows.
Triage and remediate vulnerabilities across code, third-party libraries, and cloud infrastructure.
Build and maintain security automation tools to reduce friction for engineering teams.
Develop security guardrails and training to ensure resilient, secure-by-default product development.
Assist in incident response and post-incident architectural improvements.

Requirements

5+ years of experience in software or security engineering with a focus on product or application security.
Proficiency in one or more programming languages such as Python, Go, Java, or JavaScript.
Deep understanding of modern web and cloud architecture including APIs, Microservices, and Kubernetes.
Familiarity with OWASP Top 10 and common exploitation techniques.
Experience with Infrastructure as Code security using tools like Terraform or CloudFormation.
Knowledge of compliance frameworks such as SOC2, ISO27001, or HIPAA.

Nice to have

Experience designing cryptographic implementations or secure authentication flows like OAuth, OIDC, and JWT.
Proven ability to influence engineering teams and improve security posture without hindering development velocity.

Culture & Benefits

Work on high-impact healthcare innovation aimed at reducing administrative costs.
Join a well-funded, Y Combinator-backed team with a flat hierarchy.
Significant potential upside through equity compensation.
Collaborative environment focused on solving complex, real-world medical billing challenges.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →