# Senior Security Engineer
**Company:** [Faro Health](https://hotfix.jobs/companies/faro-health)
**Location:** San Diego, CA
**Salary:** $145K-$180K
**Experience:** 6+ years
**Skills:** Azure, AWS, GCP, SIEM, CSPM, MDR, SAST, DAST, SCA, Python, PowerShell, Bash, SOC 2, ISO 27001, NIST 800-53
**Posted:** 2026-06-20
> Hands-on Senior Security Engineer protecting cloud infrastructure, applications, and customer data. Own detection/response, vulnerability management, appsec, and cloud posture for a fast-growing life sciences startup.
## Job Description
## Duties and Responsibilities
- Operate and improve Faro's security detection and response capabilities, including monitoring, triage, and investigation of alerts from SIEM, CSPM, and MDR
- Manage Faro's vulnerability management program, including triaging findings from infrastructure scans, SAST, DAST, and SCA tools, tracking remediation against established SLAs and coordinating with engineering on fixes
- Support and improve application security practices within Faro's SDLC, including security reviews of new features, integration of automated security testing into CI/CD pipelines, and guidance to developers on secure coding practices
- Maintain and improve Faro's cloud security posture across multiple cloud providers including configuration reviews, hardening, and alignment with CIS benchmarks
- Coordinate and support third-party penetration testing engagements, including scoping, logistics, findings triage, and remediation tracking
- Contribute to the security of Faro's AI-powered products, including evaluating risks related to prompt injection, data leakage between tenants, model output safety, and retrieval-augmented generation (RAG) integrity
- Support incident response activities in alignment with Faro's NIST 800-61-based incident response plan, including detection, analysis, containment, eradication, and recovery
- Contribute to security evidence collection and technical documentation to support SOC 2 Type II, ISO 9001 and ISO 27001/42001 audit cycles
- Evaluate and improve security tooling, automation, and processes to scale Faro's security capabilities as the company grows

## Requirements
- 6+ years of experience in security engineering, cloud security, or application security roles
- 3+ years of hands-on experience with cloud security services (Azure preferred; AWS or GCP acceptable with willingness to ramp on Azure)
- Experience with vulnerability management tools and processes, including familiarity with CVSS scoring and risk-based prioritization
- Experience with application security testing tools (SAST, DAST, SCA) and secure SDLC practices
- Experience with endpoint detection and response platforms
- Comfortable working in a small team environment where you will own outcomes end-to-end
- Experience in a startup or high-growth environment preferred
- Experience with compliance frameworks such as SOC 2, ISO 27001, and NIST 800-53
- Scripting ability in Python, PowerShell, or Bash
- Bachelor's degree in Information Technology or related field; Master's degree preferred

## Preferred / Bonus Qualifications
- Experience with AI/ML security concepts, including prompt injection, adversarial testing, and LLM-specific attack vectors
- Experience with infrastructure as code security (Terraform, ARM/Bicep templates, etc.)
- Relevant certifications such as AZ-500, OSCP, GIAC, CISSP or similar
- Experience in healthcare, life sciences, or other regulated industries

## Skills and Competencies
- Strong analytical and problem-solving skills with the ability to investigate complex security events
- Ability to communicate security risks and recommendations clearly to both technical and non-technical audiences
- Self-motivated and able to work independently with minimal supervision
- Collaborative mindset, comfortable working directly with engineering, product, and DevOps teams
- Willingness to learn new technologies and adapt as Faro's product and infrastructure evolve

## Benefits
- Health Care Plan (Medical, Dental & Vision)
- Retirement Plan (401k)
- Life Insurance (Basic)
- Short Term and Long Term Disability
- Paid Time Off (Flexible Vacation Policy; Paid Sick & Public Holidays Observed)
- Training & Development Reimbursement
- Hybrid Work Environment
- Peer-to-peer bonus program
- Company/department outings and events
- Stock Option Plan
- Office On-Premises Amenities: gym, restaurant tenant discount, Padel Nine
**Apply:** https://hotfix.jobs/jobs/senior-security-engineer-at-faro-health-c38bf924-a386-422a-ba49-f2cc8bac90a1
**Canonical:** https://hotfix.jobs/jobs/senior-security-engineer-at-faro-health-c38bf924-a386-422a-ba49-f2cc8bac90a1