Skip to main content

Candid Health

Product Security Engineer

San Francisco (CA), Denver (CO), New York (NY)$180k–$258kfulltimemidAdded 2 days ago

About this role

Join a healthcare tech company transforming medical billing as a Product Security Engineer. You'll embed security into product development across the entire lifecycle, from architectural design through incident response, while partnering with engineering teams to balance security with development velocity.

What you'll do

  • Lead threat modeling sessions during feature design to identify security risks early
  • Integrate security automation tools (SAST, DAST, SCA) into CI/CD pipelines and developer workflows
  • Triage vulnerabilities and coordinate remediation efforts across code, dependencies, and cloud infrastructure
  • Develop secure coding standards, training, and guardrails for engineering teams
  • Support incident response investigations and drive architectural improvements
  • Build processes to ensure security of open-source dependencies and supply chain

What they're looking for

  • Product or application security (5+ years)
  • Programming languages (Python, Go, Java, or JavaScript)
  • Web/cloud architecture (APIs, microservices, Kubernetes, AWS/GCP/Azure)
  • OWASP Top 10 and exploitation techniques
  • Infrastructure as Code security
  • Cryptography and authentication/authorization design
  • Security tooling and automation
  • Collaboration and cross-team influence

Benefits

  • Salary range: $180,000 - $258,000 USD
  • Work on critical healthcare innovation
  • Multiple office locations (San Francisco, Denver, New York)
  • Backed by top-tier venture capital (8VC, First Round, BoxGroup, Oak HC/FT)
  • Opportunity to build security culture from the ground up
Apply on the employer's site

Opens the official application on the employer’s site. No login required.