GoodRx

Affordable healthcare for everyone.

Lead Security Engineer

Full Time | Remote | Team 501-1,000 | Since 2011 | H1B Sponsor

Location

All locations: California, New York, Washington

Posted

8 days ago

Salary

$135K - $288K / year

Bachelor Degree | 8 yrs exp | English | AWS | Cloud | Cyber Security | Google Cloud Platform | JavaScript | Kubernetes | Python | Rust | SDLC | Go

Job Description

  • Define and evolve the security architecture across cloud, application, and infrastructure domains.
  • Lead threat modeling and risk analysis for complex systems and new product initiatives.
  • Develop and guide implementation of secure design principles across engineering teams.
  • Evaluate emerging security technologies and recommend strategic adoption.
  • Perform enterprise-level risk assessments and translate findings into prioritized remediation roadmaps.
  • Define and improve security policies, standards, and control frameworks.
  • Drive alignment of security practices with regulatory and compliance requirements.
  • Provide executive-ready summaries of risk posture and mitigation strategy.
  • Lead complex security investigations and incident response efforts.
  • Conduct root cause analysis and implement systemic improvements to reduce future risk.
  • Develop and refine runbooks, playbooks, and response automation.
  • Act as an escalation point for high-impact security events.
  • Partner with engineering teams to integrate security into the SDLC.
  • Define standards for secure code reviews and static/dynamic analysis.
  • Improve automation for vulnerability scanning, detection, and remediation.
  • Guide cloud security best practices across AWS/GCP environments.
  • Act as a trusted advisor to engineering leadership and cross-functional partners.
  • Influence technical decisions that balance security, scalability, and delivery speed.
  • Foster strong relationships with vendors and external security partners.
  • Mentor and guide junior security engineers and engineers outside the security team.

Job Requirements

  • 8+ years of cybersecurity or security engineering experience
  • Deep expertise in application security, cloud security (AWS/GCP), and modern DevSecOps practices
  • Prior experience with modern JavaScript frameworks and microservice architecture
  • Demonstrated experience designing and implementing scalable security architectures
  • Strong understanding of SDLC, CI/CD pipelines, and secure development practices
  • Experience conducting enterprise-level risk assessments and incident investigations
  • Strong analytical thinking and ability to assess ambiguous risk scenarios
  • Excellent written and verbal communication skills, including ability to influence senior stakeholders.
  • Ability to operate independently and exercise sound judgment on high-impact security decisions.
  • Experience working in regulated environments (HIPAA, SOC2, PCI, etc.) preferred.
  • Offensive security experience or strong understanding of adversarial techniques.
  • Development experience in any modern programming language is a plus (Python, Rust, Go, etc.).
  • Experience with SSO platforms (Okta, SAML).
  • Experience with SIEM/SOC tooling and observability platforms.
  • CISSP or equivalent security certification.
  • Cloud security certifications (AWS/GCP) preferred.
  • Certified Kubernetes Administrator certification is a plus.

Benefits

  • medical, dental, and vision insurance
  • 401(k) with a company match
  • ESPP
  • unlimited vacation
  • 13 paid holidays
  • 72 hours of sick leave
  • mental wellness programs
  • financial wellness programs
  • fertility benefits
  • generous parental leave
  • pet insurance
  • supplemental life insurance for you and your dependents
  • company-paid short-term and long-term disability
