Staff Security Engineer

The Role

Maintaining the security and privacy of our users is paramount to Modern Health’s mission. As a Staff Security Engineer you will operate as a key technical leader responsible for setting the long-term security vision and strategic direction for our product and cloud environments. You will tackle the most complex ambiguous security challenges acting as a force multiplier across the entire engineering organization to ensure our commitment to privacy security and compliance remains world-class.

This is a unique opportunity to leverage deep engineering expertise and security domain knowledge to make a direct and massive impact in people's lives. We need a security leader who can mitigate systemic risk by increasing automation defining secure architectural patterns and embedding security principles across all product teams.

This role will be part of the Product Security (ProdSec) team report to the Head of Security and can be based anywhere in the United States. This is a unique opportunity to be a security leader at a fast growing company and the work done by this position will lay the foundation for security at Modern Health for years to come!

This position is not eligible to be performed in Hawaii.

What You’ll Do

• Define and drive the strategic roadmap for proactive security vulnerability analysis in web and mobile applications setting the organizational standard for risk determination and leading complex company-wide remediations.

• Establish the technical vision and program for integrating robust security controls at every stage of the Software Development Life Cycle (SDLC) championing secure development practices and scalable agile delivery.

• Architect deploy and manage defensive security tooling (e.g. SAST DAST SCA) and evaluate new industry-leading application security solutions to create a robust automated security platform.

• Lead the maturation of the Product and Application Security Program by developing and implementing security policies standards and metrics to continually raise the security bar and demonstrate compliance.

• Lead collaborative and cross-functional threat modeling initiatives for core systems new features and evolving services ensuring proactive risk identification and structural security improvement.

• Act as a force multiplier across the organization actively mentoring engineers and driving the adoption of secure coding standards best practices and security-focused architecture.

• Routinely test audit and assess the security posture of application and cloud infrastructure configurations focusing on automation and continuous compliance.

• Engage with Cloud Security efforts by partnering with DevOps and Infrastructure teams to assess improve and monitor cloud architecture security policies and cloud-native controls to ensure secure deployment and operations.

• Develop and advocate for cost-effective scalable and complex solutions to address application and product security challenges across the business.

Who You Are

• You are a passionate technical leader with a deep sense of ownership who drives large-scale cross-functional projects to completion.

• You are an expert in secure software development practices security-focused architecture and infrastructure that aligns with product objectives and business needs.

• You drive the adoption of application and product security best practices across engineering teams and influence business-wide security initiatives.

• You have extensive hands-on experience with vulnerability management secure code review threat modeling and industry-standard tools for application and product security.

• You have hands-on experience with at least one scripting language (Python and/or Bash preferred).

• You thrive in fast-paced collaborative environments working closely with developers product managers and cross-functional stakeholders to secure web and mobile applications.

• You are able to assess prioritize and execute on ambiguous and complex projects independently.

• You bring 8+ years of progressive experience in product/application security or a related security-focused engineering field.

• You have demonstrated experience guiding teams and integrating security into agile product delivery.

• You have excellent written and verbal communication skills capable of articulating technical risk to both engineering and executive audiences.

Bonus Points

• Working at a high growth startup

• Working on SaaS software

• Working in Health Tech

• Software engineering experience

Our Stack

• AWS: ECS and cloud hosting

• Gitlab: CI/CD

• Python: Django Flask aiohttp

• Data: PostgreSQL Redis

• Monitoring: Datadog and Sentry

• IaC: Terraform Packer

Benefits

Fundamentals:

• Medical / Dental / Vision / Disability / Life Insurance

• High Deductible Health Plan with Health Savings Account (HSA) option

• Flexible Spending Account (FSA)

• Access to coaches and therapists through Modern Health's platform

• Generous Time Off

• Company-wide Collective Pause Days

Family Support:

• Parental Leave Policy

• Family Forming Benefit through Carrot

• Family Assistance Benefit through UrbanSitter

Professional Development:

• Professional Development Stipend

Financial Wellness:

• 401k

• Financial Planning Benefit through Origin

But wait there’s more…!

• Annual Wellness Stipend to use on items that promote your overall well being

• New Hire Stipend to help cover work-from-home setup costs

• ModSquad Community: Virtual events like active ERGs holiday themed activities team-building events and more

• Monthly Cell Phone Reimbursement

Equal Pay for Equal Work Act Information

Please refer to the ranges below to find the starting annual pay range for individuals applying to work remotely from the following locations for this role.

• Zone 1: San Francisco Bay Area and New York City Metro

• Zone 2: All other California locations and Seattle WA

• Zone 3: All other New York locations All other Washington locations Washington DC Austin TX CT IL MA NH NJ OR RI VT

• Zone 4: All other Texas locations AL AK AZ AR CO DE FL GA HI ID IN IA KS KY LA ME MD MI MN MS MO MT NE NV NM NC ND OH OK PA SC SD TN UT VA WV WI WY

Compensation for the role will depend on a number of factors including a candidate's qualifications skills competencies and experience and may fall outside of the range shown. Ranges are not necessarily indicative of the associated starting pay range in other locations. Full-time employees are also eligible for Modern Health's equity program and incredible benefits package. See our Careers page for more information.

Depending on the scope of the role some ranges are indicative of On Target Earnings (OTE) and includes both base pay and commission at 100% achievement of established targets.

Zone 1

$160700—$189000 USD

Zone 2

$160700—$189000 USD

Zone 3

$144630—$170100 USD

Zone 4

$136595—$160650 USD