Senior Software Engineer, Security

NexHealth | San Francisco, CA
$165,000 - $230,000

About The Position

NexHealth is seeking a Senior Software Engineer, Security to take ownership of application security across its entire product platform, which includes APIs, integrations, payments infrastructure, and the developer ecosystem built on the Synchronizer. This is a hands-on engineering role focused on writing code, designing secure systems, reviewing architecture, and embedding security into the development process from the earliest design stages. Given that data is central to NexHealth's operations and its status as a health tech company, there is a high standard for safeguarding patient and customer data. The role reports to engineering leadership and involves close collaboration with both product and platform teams.

Requirements

  • 5+ years of software engineering experience, with 1–3+ years focused on application or product security
  • Experience building and securing backend systems in Python, Go, Java, or similar languages
  • Solid understanding of common vulnerabilities and mitigations (OWASP Top 10 and beyond)
  • Hands-on experience securing APIs and implementing authentication/authorization systems (OAuth 2.0, JWT, RBAC)
  • Experience working in cloud environments — we run on AWS and Google Cloud
  • Familiarity with security tooling: SAST, DAST, dependency scanning
  • Bachelor's degree in Computer Science, Engineering, or equivalent practical experience

Responsibilities

  • Design and build secure systems across our APIs, EHR integrations, payments infrastructure, and SaaS products
  • Lead threat modeling and security design reviews for new features — embedded in the development process, not bolted on at the end
  • Identify and remediate vulnerabilities in application code, dependencies, and infrastructure
  • Improve authentication, authorization, and access control systems across our platform (OAuth, RBAC, service-to-service auth)
  • Integrate and maintain security tooling in our CI/CD pipelines — SAST, DAST, dependency scanning
  • Contribute to secure coding standards, internal libraries, and developer-facing security frameworks
  • Support HIPAA and SOC 2 compliance through strong system design and documentation
  • Help raise the security bar across the engineering org through code reviews, education, and pairing with developers

Benefits

  • Stock options
  • Unlimited paid time off policy
  • Up to 100% coverage on medical, vision and dental insurance
  • 401K and commuter benefits
  • Flexible PTO
  • High-impact work that directly improves the healthcare experience for millions