Staff Security Engineer

Fullscript

Staff Security Engineer at Fullscript focusing on application and product security solutions. Leading security initiatives across platforms while collaborating with engineering teams.

Posted 6/10/2026full-timeRemote • Texas • 🇺🇸 United StatesLeadWebsite

Tech Stack

Tools & technologies

AWSCloudGraphQLJavaScriptNode.jsRubyRuby on Rails

About the role

Key responsibilities & impact

Lead the design and implementation of security solutions across Fullscript's applications, platforms, and AI-powered systems.
Partner with engineering teams to embed security throughout the software development lifecycle, including architecture reviews, threat modeling, secure coding practices, and design reviews.
Drive application security, product security, and vulnerability management initiatives from concept through implementation.
Own complex security challenges that span multiple teams, balancing technical requirements, business priorities, and engineering constraints to deliver scalable solutions.
Mentor engineers and security practitioners, raising the bar for secure software development and helping teams make sound security decisions.
Influence technical strategy and security standards through hands-on engineering, technical leadership, and cross-functional collaboration.
Stay ahead of emerging threats, security technologies, and AI-specific risks to help shape Fullscript's long-term security posture.

Requirements

What you’ll need

8+ years of software engineering experience designing, building, and operating production systems.
3+ years of recent experience in application security, product security, security engineering, or a related security discipline.
Deep understanding of secure software development, modern application architectures, APIs, and cloud-native environments.
Experience owning complex technical initiatives from problem definition through delivery, including working across multiple teams and stakeholders.
Proven ability to influence technical direction, mentor engineers, and drive adoption of security best practices.
Strong hands-on experience with security tooling, automation, vulnerability management, and security assessments.
Excellent communication skills, strong technical judgment, and a continuous learning mindset.
Bonus if you have
Experience securing Ruby on Rails, Node.js, JavaScript, GraphQL, or similar application ecosystems.
Experience with AWS cloud security and cloud-native security controls.
Experience with threat modeling methodologies such as STRIDE, PASTA, or similar frameworks.
Experience with vulnerability management, application security posture management, or developer security tooling.
Familiarity with GitHub, GitLab, Wiz, static analysis tools, secret scanning, or related security platforms.
Experience conducting penetration testing, security research, or ethical hacking activities.
Experience protecting healthcare, regulated, or sensitive customer data.

Benefits

Comp & perks

Remote-first flexibility to work where you work best, with North America (Ottawa, Toronto, or Calgary) preferred for this role.
Flexible PTO and competitive pay, because work-life balance matters
RRSP/401k match and stock options to invest in your future
Premium benefits package with customizable coverage, paramedical services, and an HSA.
Fullscript discounts to save on high-quality wellness products
Continuous learning opportunities to grow your skills and career

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

application securityproduct securitysecurity engineeringsecure software developmentvulnerability managementthreat modelingRuby on RailsNode.jsJavaScriptcloud-native environments

Soft Skills

communication skillstechnical judgmentmentoringinfluencing technical directioncross-functional collaborationcontinuous learning mindset