[Remote] Senior Security Engineer

Remote Full-time
Note: The job is a remote job and is open to candidates in USA. Included Health is a new kind of healthcare company, delivering integrated virtual care and navigation. They are seeking a Senior Security Engineer who will be responsible for designing, implementing, and automating security controls across their application stack and cloud environments, while also proactively identifying vulnerabilities and developing security solutions.ResponsibilitiesDesign, build, and implement Just-in-Time (JIT) access controls and Privileged Access Management (PAM) workflows to eliminate standing privileged accounts in productionConduct platform permission reviews and implement a least-privilege access model for cloud and application rolesEnsure 100% of production access requests and approvals are captured in audit logsLead the implementation, tuning, and operation of security tools in the CI/CD pipeline, including SAST, DAST, SCA, and secrets scanningDevelop custom SAST rules to detect specific, high-risk flaw patterns, such as authorization bypasses or insecure PII/PHI handlingPartner with engineering to deploy IDE plugins and automated PR checks that block sensitive data exposure before deploymentConduct manual security code reviews for high-risk features and cryptographic implementationsDesign, build, and maintain automation for the end-to-end vulnerability management lifecycleEngineer automated workflows to triage, validate, and assign new vulnerabilitiesDevelop and maintain security automation scripts, tools, and services in Python or Go to streamline security operations and compliance checksPartner with SecOps to build high-fidelity SIEM correlation rules and automated response playbooksDesign, implement, and maintain encryption strategies for data at rest and in transit, ensuring PHI is protected in compliance with HIPAAManage the cryptographic key lifecycle and administer key management systemsDesign and implement secure cloud network architectures (VPCs, subnets, security groups, NACLs) and network segmentation strategiesLead the remediation of cloud security findingsImplement and manage a centralized security control planeDesign and implement Data Loss Prevention (DLP) policies for endpoints and cloud services to protect against sensitive data exfiltrationDesign and enforce security configurations and hardening standards for diverse operating systems (macOS, Windows, Linux) via MDM/UEM platformsManage and tune endpoint security solutions, including EDR/XDR (e.g., CrowdStrike)Lead threat modeling sessions for new features and conduct secure design reviews of system architectures, applications, and APIsAct as an embedded security partner and subject matter expert for product and platform teams, providing technical guidance and mentorshipDevelop and manage security programs for emerging risks, including SaaS security and AI securitySkills6+ years of experience in security engineering, with hands-on expertise in both application security and cloud security (AWS strongly preferred)Strong proficiency in at least one scripting or programming language (Python or Go preferred) for security automationDemonstrable experience in two or more of the following core areas: 1) Application & SDLC Security, specifically with SAST, DAST, and SCA tools (e.g., Semgrep, Snyk, Burp Suite) and CI/CD automation; 2) Security Automation & Engineering using SOAR platforms (e.g., Tines) and Terraform; 3) Cloud Security (AWS/GCP) with a focus on designing secure cloud-native services (VPCs, IAM, WAF, CSPM); 4) Identity & Encryption, including JIT access controls, PAM, and cryptographic key lifecycles; or 5) Endpoint & Data Security utilizing EDR/XDR, DLP, and MDM solutionsExperience securing containerized environments (Docker, Kubernetes)Previous experience in healthcare, fintech, or other highly regulated industriesExcellent communication skills, with the ability to explain complex security risks to both technical and non-technical stakeholdersExperience with mobile application security (iOS/Android)Familiarity with AI security principles and governing LLM usageExperience building or managing a SaaS security (SSPM) programBackground in software development, DevOps, or Site Reliability EngineeringExperience with incident response, threat hunting, and forensicsRelevant security certifications such as: CISSP, GIAC certifications (GWAPT, GPEN, GCIH), AWS Certified Security - Specialty or GCP Professional Cloud Security Engineer, OSCP, CEH, or other offensive security certificationsContributions to open-source security projects or active participation in the security communityBenefitsRemote-first culture401(k) savings plan through FidelityComprehensive medical, vision, and dental coverage through multiple medical plan options (including disability insurance)Paid Time Off ("PTO") and Discretionary Time Off ("DTO")12 weeks of 100% Paid Parental leaveFamily Building & Compassionate Leave: Fertility coverage, $25,000 for surrogacy/adoption, and paid leave for failed treatments, adoption or pregnancies.Work-From-Home reimbursement to support team collaboration home office workCompany OverviewIncluded Health provides a combination of virtual care, navigation, and communities-based healthcare services. It was founded in 2011, and is headquartered in San Francisco, California, USA, with a workforce of 1001-5000 employees. Its website is http://www.includedhealth.com.Company H1B SponsorshipIncluded Health has a track record of offering H1B sponsorships, with 2 in 2026, 12 in 2025, 9 in 2024, 8 in 2023, 6 in 2022. Please note that this does not guarantee sponsorship for this specific role.

Apply Now →

Similar Jobs

Experienced Registered Behavior Technician for In-Home ABA Therapy - Atlanta, GA

Remote

Immediate Hiring: Experienced Registered Behavioral Technician (RBT) for Clinic-Based ABA Therapy Services

Remote

Experienced Registered Behavioral Technician (RBT) - ABA Therapy for Children with Autism Spectrum Disorder

Remote

Experienced Registered Nurse - Telehealth: Providing Remote Care Coordination and Patient Support

Remote

Experienced Substitute Teacher for Riverside County Schools - Join Scoot Education's Innovative Team

Remote

Experienced Substitute Teacher for San Bernardino County - Flexible Schedules & Competitive Pay

Remote

Experienced School Year Instructional Coach for High-Dosage Tutoring Programs in Edgewater Park, NJ

Remote

Experienced School Year Tutor for K-8 Students in Math and Literacy - Mickleton, NJ

Remote

Experienced Secondary Social Studies Teacher for Kansas - Flexible Hybrid Remote Arrangement

Remote

USPS Office Helper

Remote

Experienced Remote Customer Service Representat...

Remote

Librarian I/II, Legal Research Librarian

Remote

**Experienced Customer Care Data Entry Coordinator – Remote Customer Support and Data Management**

Remote

**Job Title**

Remote

Heavy Equipment Operator

Remote

Remote Tech Support

Remote

Expert (1099 Employee)

Remote

Enterprise Data Analyst Senior

Remote

Data Science Manager - Acquisition and Partnerships

Remote

Experienced Full-Time Remote Customer Service and Data Entry Representative - Virtual Team Member for Exceptional Customer Experience and Data Management at Blithequark

Remote
← Back