Job Details

Senior Security Engineer

We're looking for a Senior Security Engineer who is ready to elevate the safety and security of our systems and networks. You will serve as our guardian, ensuring our platforms are resilient against all threats while meeting compliance requirements. We value a hands-on approach and seek someone who is conversant with the nitty-gritty of security frameworks, while being deeply engaged in strategic and operational security endeavors.

What You'll Do

• Build Security Guardrails: Build security protections into our systems to ensure a secure by default posture.
• Collaborate with Engineering Teams: Participate in design reviews and threat modeling sessions to identify potential security flaws early in the development process, and validate the security of new features and services during rollout ensuring security remains at the forefront of all initiatives.
• Implement & Navigate Compliance Rituals: Understand, oversee, and drive the rituals associated with HIPAA, SOC2, SOC1, PCI and HITRUST to ensure that we remain compliant and informed.
• Vulnerability Management: Regularly audit our platforms and tech stack for vulnerabilities, ensuring that vulnerabilities are identified and addressed in a timely manner.
• Manage Third-party Relationships: Coordinate with vendors for penetration testing and other security services, ensuring that our platforms undergo regular scrutiny and remain fortified, review vendor security prior to integration.

Who You Are

• You have 4+ years of experience in the security domain, with a proven track record of hands-on involvement in complex projects.
• Your expertise isn't just theoretical. You know how to "talk the talk", especially when it comes to the rituals and routines of security compliance.
• With strong knowledge of HIPAA, you're no stranger to the delicate information we handle.
• You are adaptable and flexible, always ready to engage with security challenges at both enterprise and client levels.
• You write code to automate security, you possess the ability to read, understand, and audit systems, networks, and IT setups to ensure airtight security.

Our Values

• We put our customers first
• We take care of each other and ourselves
• We anchor on outcomes and work relentlessly and creatively to achieve them
• We collectively prioritize building a diverse and inclusive workspace
• We believe humility is our greatest strength
• We are candid, kind, and committed
• We strive to be the most prepared person in the room
• We are truth seekers

Pay Transparency

The estimated starting annual salary range for this position is $180,000 - 258,000 USD. The listed range is a guideline from Pave data, and the actual base salary may be modified based on factors including job-related skills, experience/qualifications, interview performance, market data, etc. Total compensation for this position may also include equity, sales incentives (for sales roles), and employee benefits. Given Candid Health's funding and size, we heavily value the potential upside from equity in our compensation package. Further note that Candid Health has minimal hierarchy and titles, but has broad ranges of experience represented within roles.