Included Health

Senior Security Engineer

Included Health

full-time

Posted on:

Location Type: Remote

Location: Remote • 🇺🇸 United States

Visit company website
AI Apply
Apply

Salary

💰 $128,130 - $235,287 per year

Job Level

Senior

Tech Stack

AWSCloudDockerGoGoogle Cloud PlatformKubernetesLinuxMacOSPythonSDLCTerraform

About the role

  • Design, build, and implement Just-in-Time (JIT) access controls and Privileged Access Management (PAM) workflows to eliminate standing privileged accounts in production.
  • Conduct platform permission reviews and implement a least-privilege access model for cloud and application roles.
  • Ensure 100% of production access requests and approvals are captured in audit logs.
  • Lead the implementation, tuning, and operation of security tools in the CI/CD pipeline, including SAST, DAST, SCA, and secrets scanning.
  • Develop custom SAST rules to detect specific, high-risk flaw patterns, such as authorization bypasses or insecure PII/PHI handling.
  • Partner with engineering to deploy IDE plugins and automated PR checks that block sensitive data exposure before deployment.
  • Conduct manual security code reviews for high-risk features and cryptographic implementations.
  • Design, build, and maintain automation for the end-to-end vulnerability management lifecycle.
  • Engineer automated workflows to triage, validate, and assign new vulnerabilities
  • Develop and maintain security automation scripts, tools, and services in Python or Go to streamline security operations and compliance checks.
  • Partner with SecOps to build high-fidelity SIEM correlation rules and automated response playbooks.
  • Design, implement, and maintain encryption strategies for data at rest and in transit, ensuring PHI is protected in compliance with HIPAA.
  • Manage the cryptographic key lifecycle and administer key management systems
  • Design and implement secure cloud network architectures (VPCs, subnets, security groups, NACLs) and network segmentation strategies.
  • Lead the remediation of cloud security findings
  • Implement and manage a centralized security control plane
  • Design and implement Data Loss Prevention (DLP) policies for endpoints and cloud services to protect against sensitive data exfiltration.
  • Design and enforce security configurations and hardening standards for diverse operating systems (macOS, Windows, Linux) via MDM/UEM platforms.
  • Manage and tune endpoint security solutions, including EDR/XDR (e.g., CrowdStrike).
  • Lead threat modeling sessions for new features and conduct secure design reviews of system architectures, applications, and APIs.
  • Act as an embedded security partner and subject matter expert for product and platform teams, providing technical guidance and mentorship.
  • Develop and manage security programs for emerging risks, including SaaS security and AI security.

Requirements

  • 6+ years of experience in security engineering, with hands-on expertise in both application security and cloud security (AWS strongly preferred).
  • Strong proficiency in at least one scripting or programming language (Python or Go preferred) for security automation.
  • Demonstrable experience in two or more of the following core areas: 1) Application & SDLC Security, specifically with SAST, DAST, and SCA tools (e.g., Semgrep, Snyk, Burp Suite) and CI/CD automation; 2) Security Automation & Engineering using SOAR platforms (e.g., Tines) and Terraform; 3) Cloud Security (AWS/GCP) with a focus on designing secure cloud-native services (VPCs, IAM, WAF, CSPM); 4) Identity & Encryption, including JIT access controls, PAM, and cryptographic key lifecycles; or 5) Endpoint & Data Security utilizing EDR/XDR, DLP, and MDM solutions.
  • Experience securing containerized environments (Docker, Kubernetes).
  • Previous experience in healthcare, fintech, or other highly regulated industries
  • Excellent communication skills, with the ability to explain complex security risks to both technical and non-technical stakeholders.
Benefits
  • Remote-first culture
  • 401(k) savings plan through Fidelity
  • Comprehensive medical, vision, and dental coverage through multiple medical plan options (including disability insurance)
  • Paid Time Off ("PTO") and Discretionary Time Off ("DTO")
  • 12 weeks of 100% Paid Parental leave
  • Family Building & Compassionate Leave: Fertility coverage, $25,000 for surrogacy/adoption, and paid leave for failed treatments, adoption or pregnancies.
  • Work-From-Home reimbursement to support team collaboration home office work

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
Just-in-Time (JIT) access controlsPrivileged Access Management (PAM)SASTDASTSCAPythonGoData Loss Prevention (DLP)EDRXDR
Soft skills
communicationtechnical guidancementorship