Candid Health
Security Engineer
New York City (Remote)$180k–$258kfulltimemidAdded 2 days ago
About this role
A healthcare software company automating medical billing is seeking a Senior Security Engineer to build and maintain security protections for their HIPAA-regulated platform. You'll lead security initiatives across compliance frameworks, vulnerability management, and threat modeling while collaborating closely with engineering teams.
What you'll do
- Design and implement security controls to ensure secure-by-default systems and platforms
- Participate in design reviews and threat modeling to identify security risks early in development
- Manage HIPAA, SOC2, SOC1, PCI, and HITRUST compliance requirements and audits
- Conduct vulnerability assessments and coordinate timely remediation across the tech stack
- Oversee third-party security assessments including penetration testing and vendor evaluations
- Automate security processes and audit systems, networks, and infrastructure for weaknesses
What they're looking for
- Security compliance frameworks (HIPAA, SOC2, SOC1, PCI, HITRUST)
- Threat modeling and security architecture design
- Vulnerability assessment and management
- Security automation and scripting/coding ability
- Network and systems security auditing
- Penetration testing coordination
- Risk assessment and vendor security evaluation
- Hands-on cloud/infrastructure security experience
Benefits
- Competitive salary range: $180,000 - $258,000 USD
- Opportunity to impact healthcare system innovation
- Collaborative team culture focused on support and growth
- Work on mission-driven healthcare technology
- Engagement with strategic and operational security initiatives
Opens the official application on the employer’s site. No login required.