Leads the security organization, defines long-term strategy to protect health data and enable AI innovation, builds scalable security architecture, and partners with engineering/data science on secure-by-design practices. Requires healthcare security experience, AWS/cloud expertise, and SOC 2 leadership.
272k – 320k/yr
RemoteSecurity Engineering
About the role
Responsibilities
Build and lead a high-impact security organization, including future GRC, SecOps, and AI-focused security capabilities.
Design and evolve a security architecture that protects sensitive health data while enabling rapid product development.
Partner deeply with Engineering and Data Science teams to embed secure-by-design principles into architecture and the SDLC.
Establish clear ownership, accountability, and measurable security outcomes across the organization.
Lead the implementation of strong identity, access, and data protection strategies grounded in least-privilege and thoughtful segmentation.
Oversee cloud security (AWS), infrastructure hardening, and corporate device management strategy, including logging, monitoring, and incident response capabilities.
Partner closely with our Head of AI to strengthen governance and proactively address emerging risks across LLM-powered workflows and AI-enabled products.
Lead SOC 2 Type 2 efforts and guide the organization toward HITRUST certification.
Support enterprise sales through security diligence, security and AI questionnaires, and customer conversations.
Serve as a trusted advisor to executive leadership and, as needed, the Board of Directors on security strategy and risk.
Requirements
Built and scaled security programs in healthcare or other regulated, sensitive-data environments, establishing clear accountability and measurable risk reduction.
Developed and implemented modern cloud security architectures, particularly within AWS.
Strengthened identity and access management practices, data protection strategies, and secure SDLC processes.
Led or owned SOC 2 programs (HITRUST exposure is a plus, but not required).
Influenced engineering leadership and product strategy to reduce meaningful risk without slowing product velocity.
Navigated ambiguity in high-growth startup environments and built systems designed to scale.
Established credibility as both a strategic leader and hands-on technical contributor.
What Leads to Success
A patient-first approach. You understand that protecting sensitive health data is a fundamental responsibility tied directly to our mission.
Technical depth. You bring strong expertise in cloud security, IAM, secure architecture, and modern AI risk landscapes - engineers trust your judgment and seek your input early.
Cross-functional leader. You collaborate well across departments, aligning security decisions with company priorities and shared goals.
Balanced risk judgement. You create clarity around tradeoffs, reduce meaningful risk without creating unnecessary friction, and help the organization move forward towards improving patient care with cutting edge technology.
Builder mindset. You’ve built teams and systems from the ground up and know how to scale them thoughtfully.
Comfort with ambiguity. You thrive in fast-paced, evolving environments where priorities shift quickly.
Executive presence. You communicate clearly and confidently with executives, customers, and Board members.
Compensation
Base salary: $272,000-$320,000.
Bonus-eligible.
Total compensation includes equity, benefits, and other opportunities.
Skills
AWSCloud SecurityIAMIdentity And Access ManagementSDLCSOC 2HitrustGRCSecopsIncident ResponseLoggingMonitoringAi SecurityLlm GovernanceData Protection
Lead the Threat Detection & Response organization including SOC, detection engineering, and threat hunting teams. Drive strategy for an agentic SOC model, build leadership bench, and own security outcomes tied to business metrics.
250k – 320k/yr
Remote10+ YOESecurity Engineering
Head of Security
MomentNew York, NY
Own the end-to-end security program for a fintech infrastructure company, driving strategy, compliance (SOC 2), incident response, and client-facing security reviews for institutional trading systems.
275k – 325k/yr
On-siteSecurity Engineering
Head of Security Engineering
HarveySan Francisco, CA +1
Lead and scale the security engineering organization, owning IAM strategy, security tooling, and foundational security platforms that enable rapid, secure product development.
285k – 350k/yr
Hybrid10+ YOESecurity Engineering
Head of Global Assurance
Scale AIWashington, DC
Lead and scale global assurance programs (FedRAMP, SOC 2, ISO 27001) across public sector and commercial units while managing a distributed technical team of compliance experts.
287k – 359k/yr
On-site10+ YOESecurity Engineering
Engineering Director, Application Security
Trail of BitsUnited States
Leads Application Security practice performing code audits, vulnerability research, and secure design reviews. Hands-on leader managing team, P&L, client relationships; requires 10+ years security experience and proficiency in multiple languages.