Security Engineer — Application Security & Identity

Real Chemistry, Boston, MA
$60,000 - $80,000, Hybrid

About The Position

At Real Chemistry, making the world a healthier place isn’t just an aspiration—it’s our everyday reality. Our drive to transform healthcare is informed by our blend of deep scientific expertise, human-centred creativity, and AI-driven insights, fostering a unique environment where innovation thrives and our people are impact-obsessed. As a global agency, we provide a full suite of services across healthcare communications and marketing to our clients, including top players in the pharmaceutical and biotech industries. Our #LifeatRealChem culture is rooted in our people—we believe we are best together and are committed to excellence for both our clients and colleagues. Whether you're a seasoned professional or just starting your career, if you share our passion for healthcare and connection, we invite you to explore our opportunities. Discover your purpose. Embrace innovation. Experience #LifeatRealChem.

Security Engineer — Application Security & Identity
Function: Information Security
Reports to: Head of Security

Role Summary

Owns application security across multiple environments, each with increasing control and compliance requirements. Acts as reviewer for the least complex environments and co-reviewer for higher complexity and controlled environments. Defines and enforces security controls across AWS hosted workloads and GitHub based development pipelines while maintaining independent review authority. Applications originate as AI-assisted prototypes and require structured security validation before enterprise production deployment.

This is a hybrid role, based in any of our US offices—including New York City, Boston, Chicago, Carmel, or San Francisco—or remotely within the US, depending on team and business needs.

Requirements

  • 5+ years (or 3–5+ in high-growth environments) in cloud security, 2 of which should be focused on application security
  • Hands-on security experience with: AWS IAM, SAML / OIDC federation, GitHub security tooling
  • Experience with threat modeling and coordinating penetration testing
  • Familiarity with SOC 2, GDPR, and HIPAA-adjacent controls
  • In-depth understanding of the risk lifecycle

Nice To Haves

  • Experience securing GitHub-based CI/CD pipelines
  • Experience in AWS native environments
  • Exposure to regulated industries (GxP, 21 CFR Part 11)
  • Security certifications (CISSP, CCSP, OSCP, GIAC, etc.)
  • Associate's degree or higher
  • Experience bringing low-code or AI-generated applications under enterprise security controls

Responsibilities

  • Conduct security reviews of internally developed applications including: Data flow validation, Security control design and implementation, Secrets handling, AI/LLM Data Loss Prevention (DLP)
  • Co-lead production readiness reviews for strictly governed environments: Threat modeling, Hardening validation, Compliance mapping (SOC 2 and contractual and regulatory requirements)
  • Define and enforce identity architecture: Corporate identity: Entra ID, Workload identity: AWS IAM and GitHub OIDC
  • Define and manage GitHub native security controls: GitHub Advanced Security (CodeQL / SAST), Dependabot (dependency scanning), Secret scanning, Branch protection and environment controls
  • Establish standards for security tooling: SAST (CodeQL, Semgrep), SCA (Dependabot, Snyk), Container scanning (Trivy, ECR scanning), Infrastructure as Code (IaC) policy (OPA, Sentinel, tfsec)
  • Define AWS security standards: IAM design and least-privilege access, Logging and audit requirements, Secrets management and rotation
  • Scope and coordinate third-party penetration testing
  • Maintain audit logging maturity per environment requirements: Baseline logging, User-level activity tracking, Tamper-evident audit trails with SIEM integration
  • Perform initial triage and risk classification within time requirements for critical issues identified in intake (data exposure, credentials, regulatory risk).
  • Partner with DevOps Engineering to ensure security policies are implemented in pipelines and infrastructure
  • AI Security & Usage Governance: Define approved AI providers and usage boundaries, Establish prompt data classification and handling policies, Enforce human-in-the-loop requirements where appropriate, Define cost/spend guardrails for AI services
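The workload identity and AWS IAM standards bullets above name GitHub OIDC federation into AWS IAM. The following is an added example, not part of the posting and not Real Chemistry's own tooling, of the one check a reviewer of such a role would want automated: that the IAM role trust policy pins `sts:AssumeRoleWithWebIdentity` to the GitHub OIDC provider, the `sts.amazonaws.com` audience, and a single repository plus ref or environment. The two trust policies, the organization name `example-org`, and the account ID are constructed for illustration; the claim names (`token.actions.githubusercontent.com:aud` and `:sub`) and the `repo:<org>/<repo>:<claim>:<value>` subject format are GitHub's documented ones.

```python
import json

# Constructed sample account and organization for the example (not from the posting).
ACCOUNT_ID = "123456789012"
OIDC_ISSUER = "token.actions.githubusercontent.com"
ASSUME_ACTION = "sts:AssumeRoleWithWebIdentity"
PROVIDER_ARN = f"arn:aws:iam::{ACCOUNT_ID}:oidc-provider/{OIDC_ISSUER}"


def _as_list(value):
    """IAM policy fields may be a scalar or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]


def _trust_policy(conditions: dict) -> str:
    """Build a trust policy document with the given Condition block (constructed sample)."""
    return json.dumps({
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"Federated": PROVIDER_ARN},
            "Action": ASSUME_ACTION,
            "Condition": conditions,
        }],
    })


# Weak: audience only. Any workflow in any GitHub repository, in any organization,
# could mint a token that satisfies this trust policy.
WEAK_TRUST_POLICY = _trust_policy({
    "StringEquals": {f"{OIDC_ISSUER}:aud": "sts.amazonaws.com"},
})

# Still weak: the org is pinned but repo and ref are wildcarded.
ORG_WILDCARD_TRUST_POLICY = _trust_policy({
    "StringEquals": {f"{OIDC_ISSUER}:aud": "sts.amazonaws.com"},
    "StringLike": {f"{OIDC_ISSUER}:sub": "repo:example-org/*:*"},
})

# Hardened: one repository, one branch.
HARDENED_TRUST_POLICY = _trust_policy({
    "StringEquals": {
        f"{OIDC_ISSUER}:aud": "sts.amazonaws.com",
        f"{OIDC_ISSUER}:sub": "repo:example-org/example-app:ref:refs/heads/main",
    },
})


def audit_github_oidc_trust(policy_json: str, expected_org: str) -> list:
    """Return findings for every Allow statement granting sts:AssumeRoleWithWebIdentity.

    An empty list means each such statement is bound to the GitHub OIDC provider,
    the sts.amazonaws.com audience, and a subject of the form
    repo:<expected_org>/<repo>:(ref|environment):<value> with no wildcards.
    """
    policy = json.loads(policy_json)
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow" or ASSUME_ACTION not in _as_list(stmt.get("Action", [])):
            continue  # only web-identity assume-role statements are in scope
        federated = _as_list(stmt.get("Principal", {}).get("Federated", []))
        if not any(p.endswith(f"oidc-provider/{OIDC_ISSUER}") for p in federated):
            findings.append(f"statement {i}: Federated principal is not the GitHub OIDC provider")
        cond = stmt.get("Condition", {})
        equals = cond.get("StringEquals", {})
        like = cond.get("StringLike", {})
        if equals.get(f"{OIDC_ISSUER}:aud") != "sts.amazonaws.com":
            findings.append(f"statement {i}: aud condition missing or not sts.amazonaws.com")
        sub = equals.get(f"{OIDC_ISSUER}:sub") or like.get(f"{OIDC_ISSUER}:sub")
        if sub is None:
            findings.append(f"statement {i}: no sub condition; any GitHub repository could assume this role")
            continue
        for s in _as_list(sub):
            parts = s.split(":")  # repo:<org>/<repo>:<claim>:<value>
            repo = parts[1] if len(parts) > 1 else ""
            if not s.startswith(f"repo:{expected_org}/"):
                findings.append(f"statement {i}: sub '{s}' is not scoped to org {expected_org}")
            if "*" in repo or "?" in repo:
                findings.append(f"statement {i}: sub '{s}' wildcards the repository")
            # Deploy roles should be pinned to a ref or environment; pull_request and
            # wildcard refs let any branch (including a fork's PR build) assume the role.
            if len(parts) < 4 or parts[2] not in ("ref", "environment"):
                findings.append(f"statement {i}: sub '{s}' does not pin a ref or environment")
            elif "*" in parts[3] or "?" in parts[3]:
                findings.append(f"statement {i}: sub '{s}' wildcards the ref/environment")
    return findings


if __name__ == "__main__":
    for name, doc in [("weak", WEAK_TRUST_POLICY), ("org-wildcard", ORG_WILDCARD_TRUST_POLICY),
                      ("hardened", HARDENED_TRUST_POLICY)]:
        print(name, audit_github_oidc_trust(doc, "example-org") or "OK")
```

In use this would run over each role's trust document returned by `iam:GetRole` (the `AssumeRolePolicyDocument` field) rather than over embedded samples; the checker is deliberately strict about `pull_request` subjects, since a role that a PR workflow can assume is reachable from fork contributions unless the repository restricts that separately.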

Benefits

  • free snacks to keep you running all day long
  • generous holiday and paid time off
  • options for private medical, dental, and vision plans
  • support in saving for the future
  • mental wellness coaching and support
  • access to more than 13,000 online classes with LinkedIn Learning