Product Security Engineer

Cedar

21h•$157,250 - $185,000•Remote

About The Position

Our healthcare system is the leading cause of personal bankruptcy in the U.S. Every year, over 50 million Americans suffer adverse financial consequences as a result of seeking care, from lower credit scores to garnished wages. The challenge is only getting worse, as high deductible health plans are the fastest growing plan design in the U.S. Cedar’s mission is to leverage data science, smart product design and personalization to make healthcare more affordable and accessible. Today, healthcare providers still engage with its consumers in a “one-size-fits-all” approach; and Cedar is excited to leverage consumer best practices to deliver a superior experience. The Role: Security at Cedar isn’t about saying "no"—it’s about building the "yes." We are looking for a Product Security Engineer who is an engineer at heart. You won’t run scans and file tickets; you will write code, build infrastructure, and ship internal products that make the secure path the easiest path for our developers. You will act as a pragmatic partner to our Maker teams, helping them ship high-value features safely without sacrificing velocity. You will solve for high-risk, high-value workflows across product, infrastructure, and integrations. What You’ll Solve: here is an example of a project that a current Product Security Engineer in this role recently shipped: Problem: Developers needed to troubleshoot a workflow and could only reproduce the problem if the logs were updated to include otherwise access-restricted, sensitive data. Putting sensitive data into logs is risky, and the status quo involved tracing identifiers through multiple systems until the sensitive data could be safely retrieved. This was labor intensive and slow, while patients felt the pain of our delays. Solution: Instead of saying 'no', we built a reusable, custom logger that could safely accommodate sensitive data. It can be temporarily enabled and stored and analyzed safely. Impact: They partnered with a product team as an early beta tester to solve a concrete friction point. The system increased developer velocity and improved our security posture by removing the temptation for developers to log sensitive information.

Requirements

You are a developer first: You have substantial experience in software development and are comfortable writing production-ready code (we use Python and Go, but we welcome all backgrounds).
You are pragmatic: You understand that "perfect" security doesn't exist. You can weigh security risks against business goals and communicate trade-offs effectively to non-security stakeholders.
You are proactive: You don't wait for a ticket. You look for patterns in vulnerabilities and build systemic fixes or libraries to prevent entire classes of bugs.
You know the cloud: You have deep familiarity with AWS infrastructure best practices, IAM, and containerization.
You are a teacher: Your default setting is collaborative, not combative: You're excited about enabling software developers.
Applicants must be currently authorized to work in the United States on a full-time basis.

Nice To Haves

Experience creating developer-focused security libraries or CLI tools.
Familiarity with HIPAA, PCI, or securing fintech/payment data.
Participation in CTFs, bug bounties, or open-source security contributions.

Responsibilities

Build Security Tooling: Shift into a development role to architect robust tools in Terraform, Bash, Go, or Python. You’ll use gRPC, GraphQL, and HTTP to build automation that eliminates manual security toil and developer pain.
Architect for Scale: Grab pairing time with product engineers to co-design features across Cedar. You will help bake security in at the design phase, not bolt it on at the end.
Pave the Road: Review Infrastructure-as-Code (Terraform) and IAM roles, not just to find flaws, but to offer code-ready improvements that educate developers and streamline future deployments.
Advise, Don't Block: Serve as a trusted advisor. When you find a vulnerability, you don’t just report it—you help scope the fix based on a pragmatic understanding of the risk and the business context.

Benefits

A chance to improve the U.S. healthcare system at a high-growth company! Our leading healthcare financial platform is scaling rapidly, helping millions of patients per year
Unless stated otherwise, most roles have flexibility to work from home or in the office, depending on what works best for you
For exempt employees: Unlimited PTO for vacation, sick and mental health days–we encourage everyone to take at least 20 days of vacation per year to ensure dedicated time to spend with loved ones, explore, rest and recharge
16 weeks paid parental leave with health benefits for all parents, plus flexible re-entry schedules for returning to work
Diversity initiatives that encourage Cedarians to bring their whole selves to work, including three employee resource groups: be@cedar (for BIPOC-identifying Cedarians and their allies), Pridecones (for LGBTQIA+ Cedarians and their allies) and Cedar Women+ (for female-identifying Cedarians)
Competitive pay, equity (for qualifying roles), and health benefits, including fertility & adoption assistance, that start on the first of the month following your start date (or on your start date if your start date coincides with the first of the month)
Cedar matches 100% of your 401(k) contributions, up to 3% of your annual compensation
Access to hands-on mentorship, employee and management coaching, and a team discretionary budget for learning and development resources to help you grow both professionally and personally

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume