Senior Security Engineer

Faro Health Inc.

Senior Security Engineer responsible for protecting Faro's cloud infrastructure and customer data. Key contributor to security program with a focus on detection, response, and compliance.

Posted 5/14/2026full-timeSan Diego • California • 🇺🇸 United StatesSenior💰 $123,000 - $145,000 per yearWebsite

Tech Stack

Tools & technologies

AWSAzureCloudGoogle Cloud PlatformPythonSDLC

About the role

Key responsibilities & impact

Operate and improve Faro's security detection and response capabilities, including monitoring, triage, and investigation of alerts from SIEM, CSPM, and MDR
Manage Faro's vulnerability management program, including triaging findings from infrastructure scans, SAST, DAST, and SCA tools, tracking remediation against established SLAs and coordinating with engineering on fixes
Support and improve application security practices within Faro's SDLC, including security reviews of new features, integration of automated security testing into CI/CD pipelines, and guidance to developers on secure coding practices
Maintain and improve Faro's cloud security posture across multiple cloud providers including configuration reviews, hardening, and alignment with CIS benchmarks
Coordinate and support third-party penetration testing engagements, including scoping, logistics, findings triage, and remediation tracking
Contribute to the security of Faro's AI-powered products, including evaluating risks related to prompt injection, data leakage between tenants, model output safety, and retrieval-augmented generation (RAG) integrity
Support incident response activities in alignment with Faro's NIST 800-61-based incident response plan, including detection, analysis, containment, eradication, and recovery
Contribute to security evidence collection and technical documentation to support SOC 2 Type II, ISO 9001 and ISO 27001/42001 audit cycles
Evaluate and improve security tooling, automation, and processes to scale Faro's security capabilities as the company grows

Requirements

What you’ll need

6+ years of experience in security engineering, cloud security, or application security roles
3+ years of hands-on experience with cloud security services (Azure preferred; AWS or GCP acceptable with willingness to ramp on Azure)
Experience with vulnerability management tools and processes, including familiarity with CVSS scoring and risk-based prioritization
Experience with application security testing tools (SAST, DAST, SCA) and secure SDLC practices
Experience with endpoint detection and response platforms
Comfortable working in a small team environment where you will own outcomes end-to-end
Experience in a startup or high-growth environment preferred
Experience with compliance frameworks such as SOC 2, ISO 27001, and NIST 800-53
Scripting ability in Python, PowerShell, or Bash
Bachelors Degree in Information Technology or related field, Masters Degree Preferred

Benefits

Comp & perks

Health Care Plan (Medical, Dental & Vision)
Retirement Plan (401k)
Life Insurance (Basic)
Short Term and Long Term Disability
Paid Time Off (Flexible Vacation Policy; Paid Sick & Public Holidays Observed)
Training & Development Reimbursement
Hybrid Work Environment
Peer-to-peer bonus program
Company/department outings and events
Stock Option Plan

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

security engineeringcloud securityapplication securityvulnerability managementSASTDASTSCAendpoint detection and responsescripting in Pythonscripting in PowerShell

Soft Skills

team collaborationownership of outcomescommunication

Certifications

SOC 2ISO 9001ISO 27001NIST 800-61