Staff Software Engineer - Security

Remote Full-time
Dandy is transforming the massive and antiquated dental industry—an industry worth over $200B. Backed by some of the world’s leading venture capital firms, we’re on an ambitious mission to simplify and modernize every function of the dental practice through technology. As we expand our reach globally, Dandy is building the operating system for dental offices around the world—empowering clinicians and their teams with technology, innovation, and world-class support to achieve more for their practices, their people, and their patients.About the TeamWe're growing rapidly and are seeking a highly skilled and hands-on Staff Security Engineer to be our first dedicated security engineer. This is a unique opportunity to lay the technical groundwork for security, making a direct impact on protecting our platform and customer data from day one.You'll have significant autonomy to select, implement, and manage security solutions, hunt for and remediate vulnerabilities, and be a key player in incident response. While you'll be our first security hire, your focus will be on deep technical execution and building out our defenses and security posture.If you're passionate about building secure systems, thrive on technical challenges, enjoy a blend of proactive defense and reactive response, and want to apply your expertise to make a tangible difference in a fast-paced, growing company, this role is for you.What You’ll DoCollaborate with engineering teams to design and implement secure application architectures, influencing the development of new features with security in mind from the start.Provide expert guidance on secure coding practices, API security, authentication/authorization patterns, and data protection throughout the software development lifecycle.Lead vulnerability management efforts, including identifying risks in applications and infrastructure (using both automated and manual methods), prioritizing findings, and coordinating remediation with engineering teams.Evaluate, select, and drive adoption of application and infrastructure security tools — such as SAST, DAST, SCA, container scanning, etc. — ensuring they are well integrated into developer workflows.Define and help implement incident response processes and playbooks; act as a senior technical contributor during incident investigations, supporting teams through forensics, containment, and recovery.Partner with the infrastructure team to establish guardrails and controls across GCP environments, including identity and access management, network security, and container hardening.Champion a security-first engineering culture by providing practical education, mentoring, and hands-on support to help teams build secure systems confidently and efficiently.What We’re Looking For8+ years of progressive, hands-on experience in cybersecurity, with strong emphasis on application security, secure design, and vulnerability management.Deep understanding of web application and API security, including common vulnerabilities, secure software architecture, and threat modeling.Experience collaborating directly with software engineering teams to guide implementation of secure development practices and influence technical design decisions.Proven ability to lead technical efforts in vulnerability identification, triage, and remediation across both application code and cloud infrastructure.Hands-on experience implementing and operating security tooling as well as basic infrastructure level controls.Demonstrated experience leading or significantly contributing to security incident response efforts, including log and forensic analysis.Strong communication and collaboration skills; able to influence without authority and guide teams toward secure-by-default outcomes.Bonus PointsExperience securing services that handle sensitive data, like PHI, and an understanding of data protection principles.Proficiency in integrating security tools and practices into CI/CD pipelines (DevSecOps).Strong scripting/automation skills (e.g., Python, Bash, etc.) for security tasks.Relevant industry certifications (e.g., OSCP, GWAPT, GCSA, GCP Professional Cloud Security Engineer, CISSP – focusing on technical certs).Experience as an early or foundational security hire in a growing tech company.Req ID: J-458For full-time positions, Dandy offers a wide range of best-in-class, comprehensive, and inclusive benefits tailored to each country where we operate. Our local benefits packages typically include healthcare, dental, mental health support, parental planning resources, retirement savings options, and generous paid time off—ensuring our team members are supported no matter where they live and work.Dandy is proud to be an equal-opportunity employer. We are committed to building a diverse and inclusive culture that celebrates authenticity to win as one. We do not discriminate on the basis of race, religion, color, national origin, gender, gender identity, sexual orientation, age, marital status, disability, protected veteran status, citizenship or immigration status, or any other legally protected characteristics.Dandy also fully complies with the Americans with Disabilities Act (ADA). We are dedicated to embracing challenges and creating an accessible, inclusive workplace for all individuals. If you require any accommodations for your interview or have any questions beforehand, rest assured that we will do everything we can to meet your needs. Visit Dandy Careers for more!

Apply Now
Apply Now →

Similar Jobs

Experienced Registered Behavior Technician for In-Home ABA Therapy - Atlanta, GA

Remote

Immediate Hiring: Experienced Registered Behavioral Technician (RBT) for Clinic-Based ABA Therapy Services

Remote

Experienced Registered Behavioral Technician (RBT) - ABA Therapy for Children with Autism Spectrum Disorder

Remote

Experienced Registered Nurse - Telehealth: Providing Remote Care Coordination and Patient Support

Remote

Experienced Substitute Teacher for Riverside County Schools - Join Scoot Education's Innovative Team

Remote

Experienced Substitute Teacher for San Bernardino County - Flexible Schedules & Competitive Pay

Remote

Experienced School Year Instructional Coach for High-Dosage Tutoring Programs in Edgewater Park, NJ

Remote

Experienced School Year Tutor for K-8 Students in Math and Literacy - Mickleton, NJ

Remote

Experienced Secondary Social Studies Teacher for Kansas - Flexible Hybrid Remote Arrangement

Remote

USPS Office Helper

Remote

Experienced Data Entry Specialist (Remote) – Part-Time Opportunity at careerzynith

Remote

Admin and Support Specialist

Remote

MLOps Engineer — AI/ML Systems & Deployment (TS/SCI Preferred) Remote / Telecommute Jobs

Remote

Join the FBI as a Special Agent: Education/Teaching Background

Remote

Product Lead, Districts & Schools

Remote

Apple Home Advisor Job in United States (Multiple Locations)-

Remote

Plymouth Flight Attendant(Full-time)-Delta Air Lines | Hiring

Remote

Senior Customer Success Manager - North America

Remote

Contract Administration

Remote

Senior Commercial Lines New Business Underwriter | Remote

Remote
← Back