Senior Engineer, Security

What You'll Be Doing

• Define what data security looks like a year from now — then build it. Own a clear, opinionated vision for Grow's data security infrastructure: where the biggest risks are, what "secure by default" means for sensitive data, and the roadmap to get there.
• Make data classification executable. Build the automated classification and tagging pipelines that scan our production data models, infer sensitivity, and propagate those tags through data lineage — aligning with our Data Classification Policy so that every downstream system can act on classification automatically rather than guess.
• Control how data is used internally. Build field-level dynamic masking, tokenization, and redaction — driven by classification tags — so that sensitive data is exposed only when there's a genuine need, and access is scoped, justified, and logged. Make masked-by-default the path of least resistance for the tools teams build on top of our data.
• Secure the data path into AI tooling. Own the security of the data connectors and pipelines feeding AI tools - including authentication, authorization, observability. Ensure Grow can take advantage of new AI technologies safely and appropriately.
• Build fast, safe, and scalable encryption pipelines. Design and ship the encryption infrastructure that protects our most sensitive data end to end — application-layer and field-level encryption, envelope encryption, key management — engineered to be fast and scalable enough that teams reach for it by default rather than around it.

You'll Be a Good Fit If

• You're a hands-on data infrastructure engineer. You're comfortable writing production code, designing data pipelines and services, and doing system design reviews — and you've built security or data infrastructure that real teams depend on.
• You've worked deep in the data-security stack. You've built meaningfully across some combination of data classification, masking/tokenization, encryption and key management, and secure data access, and you can connect into a coherent system.
• You can set direction and then execute on it. You're energized by a blank canvas: you can define what success looks like a year out, prioritize ruthlessly toward it, and inspire partner teams to support you in this goal.
• You think in terms of risk reduction, not checkboxes. You instinctively reach for the highest-leverage control on the largest surface, and you'd rather make the secure path the default.
• You're a clear, compelling communicator. You can explain data-security tradeoffs and risk to non-technical audiences — including executives and clinical stakeholders — with precision, empathy, and confidence.