Candid Health
Product Security Engineer
San Francisco (CA), Denver (CO), New York (NY)$180k–$258kfulltimemidAdded 2 days ago
About this role
Join a healthcare tech company transforming medical billing as a Product Security Engineer. You'll embed security into product development across the entire lifecycle, from architectural design through incident response, while partnering with engineering teams to balance security with development velocity.
What you'll do
- Lead threat modeling sessions during feature design to identify security risks early
- Integrate security automation tools (SAST, DAST, SCA) into CI/CD pipelines and developer workflows
- Triage vulnerabilities and coordinate remediation efforts across code, dependencies, and cloud infrastructure
- Develop secure coding standards, training, and guardrails for engineering teams
- Support incident response investigations and drive architectural improvements
- Build processes to ensure security of open-source dependencies and supply chain
What they're looking for
- Product or application security (5+ years)
- Programming languages (Python, Go, Java, or JavaScript)
- Web/cloud architecture (APIs, microservices, Kubernetes, AWS/GCP/Azure)
- OWASP Top 10 and exploitation techniques
- Infrastructure as Code security
- Cryptography and authentication/authorization design
- Security tooling and automation
- Collaboration and cross-team influence
Benefits
- Salary range: $180,000 - $258,000 USD
- Work on critical healthcare innovation
- Multiple office locations (San Francisco, Denver, New York)
- Backed by top-tier venture capital (8VC, First Round, BoxGroup, Oak HC/FT)
- Opportunity to build security culture from the ground up
Opens the official application on the employer’s site. No login required.