Security Engineer
First Stop Health
Security Engineer
On a mission to deliver affordable, delightful healthcare for all, First Stop Health provides connected, whole-person virtual care to employers 24/7 through app, website, or phone in all 50 states. First Stop Health prioritizes an engaging and easy-to-use experience, setting people on healthier journeys through care at multiple stages. We are proud to be recognized as one of Fast Company's Most Innovative Companies.
First Stop Health offers a comprehensive benefits package that includes various health and medical coverage options, dental and vision coverage, disability and life coverage, making healthcare easily accessible. For those that choose to waive medical coverage a monthly medical waiver allowance will be provided.
First Stop Health offers a remote-first work environment and flexible paid time off, including Summer Fridays. Furthermore, the employer match 401k plan and monthly phone stipend demonstrates the company's commitment to employee financial well-being. The First Stop Health membership benefit is another added perk for employees and provides our virtual care solutions -- Urgent Care, Mental Health, and Primary Care -- from their very first day!
Job Description
We are seeking a Security Engineer to help design, implement, and maintain security controls and practices across the organization. This role partners closely with Engineering, DevOps, IT, Compliance, and the broader Information Security team to identify risks, strengthen security posture, and support secure business operations.
The ideal candidate has a strong application security background combined with broad security engineering experience across cloud environments, infrastructure, identity and access management, vulnerability management, security operations, and secure software development practices. This individual will help integrate security throughout the organization while balancing risk reduction with business objectives.
Responsibilities
Application Security and Secure Development
- Lead application security initiatives including architecture reviews, threat modeling, code reviews, and penetration testing coordination
- Integrate security controls and testing into the SDLC and CI/CD pipelines
- Partner with development teams to remediate vulnerabilities and improve secure coding practices
- Champion secure design principles across web, mobile, API, and cloud-native applications
- Support implementation and operation of security testing tools including SAST, DAST, SCA, and secrets detection
Threat Modeling & Risk Assessment
- Perform and facilitate threat modeling exercises with development teams to identify potential attack vectors and prioritize risks
- Conduct risk assessments and provide actionable guidance to reduce application-level security risk
- Communicate risk findings clearly, balancing technical detail with business impact
Security Engineering & Architecture
- Design, implement, and maintain security controls across cloud, infrastructure, applications, and enterprise systems.
- Participate in security architecture reviews and provide recommendations for risk reduction
- Evaluate and implement security technologies that improve organizational security posture
- Support identity and access management initiatives, including authentication, authorization, and privileged access controls
- Assess cloud environments for security risks and recommend remediation strategies
- Support cloud security initiatives including identity management, logging, monitoring, network security, and workload protection
Vulnerability & Risk Management
- Identify, assess, prioritize, and track remediation of security vulnerabilities across applications, cloud environments, endpoints, and infrastructure
- Partner with system owners and engineering teams to ensure timely remediation of identified risks
Security Monitoring & Incident Response
- Assist with security investigations, incident response activities, and post-incident reviews
- Collaborate with security operations personnel to improve detection and response capabilities
Security Testing & Assessments
- Lead application security assessments, including static and dynamic analysis, architecture reviews, and manual testing
- Perform and oversee code reviews to identify security vulnerabilities and design flaws
- Lead and coordinate penetration testing engagements, including scoping, execution, remediation validation, and reporting
Advisory & Enablement
- Serve as a trusted security advisor to internal teams, providing expert guidance on secure design, implementation, and remediation
- Develop and deliver security training and awareness content for developers and technical stakeholders
- Contribute to security documentation, standards, and internal knowledge bases
Threat Intelligence & Continuous Improvement
- Monitor relevant threat intelligence sources related to application and software supply chain risks
- Analyze emerging threats and vulnerabilities and communicate relevant findings to the Information Security team and other stakeholders
- Recommend enhancements to application security controls and practices based on evolving threats and industry trends
Requirements
- Preferred Bachelor's degree or equivalent practical experience
- 5-8 years of experience in cybersecurity, information security, cloud security, application security, infrastructure engineering, or related technical disciplines
- Strong understanding of security principles across applications, cloud platforms, infrastructure, networks, and enterprise systems
- Strong experience performing security assessments and risk evaluations across applications, cloud platforms, and infrastructure
- Knowledge of security frameworks and standards such as NIST CSF, CIS Controls, OWASP, ISO 27001, and HIPAA.
- Experience with vulnerability management and remediation processes
- Familiarity with security monitoring, incident response, and threat detection concepts
- Experience working in AWS and Azure environments
- Strong understanding of authentication, authorization, encryption, and identity management concepts
- Excellent communication and stakeholder management skills
Preferred Skills
- Strong application security experience including threat modeling, secure code review, penetration testing coordination, and secure SDLC practices
- Experience with SAST, DAST, SCA, container security, and software supply chain security tools
- Familiarity with DevSecOps practices and CI/CD security integrations
- Experience with security tooling such as SIEM, EDR, CSPM, IAM, and vulnerability management platforms
- Preferred Security+, Certified Application Security Engineer (CASE), Certified Secure Software Engineer Lifecycle Professional (CSSLP), etc.
First Stop Health is committed to diversity, equity, inclusion, and belonging. Research shows that women, people of color and other historically underrepresented groups tend to only apply to jobs in which they meet all the job requirements. Unsure if you check every box? Apply. We would love to consider your unique experiences and how you could make First Stop Health even better.
$139.2k - $218.4k
...developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. More... ...GitLab. An overview of this role As a Senior Security Engineer on GitLab’s Security Incident Response Team (SIRT), you will play...SuggestedRemote work$192k - $278k
...mission is to unleash employee productivity without compromising security by ensuring every identity is authentic, every application sign... ...continuous improvement. We're looking for a Staff Security Engineer to found and lead the DevSecOps function within our Corporate...SuggestedCurrently hiringLocal areaRemote workWork from home$8,020 per month
...Description Office of the Illinois Secretary of State Alexi Giannoulias Job Title: Information Systems Advisor II – Security Engineering Division: Information Security Union: IFT Location: 501 S 2nd St, Springfield, IL - Sangamon...SuggestedWork at officeRemote work- ...enterprise software architectures that support the bank's information security operations functions. This role performs feedback and... ...bank. The position serves as a technical resource for security engineering initiatives, applying advanced knowledge to evaluate, build, and...SuggestedRemote work
$104k - $156k
...Posting Type Remote/Hybrid Job Overview The Advanced Security Engineer is a technically deep, hands-on practitioner who forms the operational backbone of the enterprise security function. Operating within a layered defense-in-depth program, this engineer owns...SuggestedRemote work- ...join us on our journey to create a better future of work with AI. About the role This is where security meets innovation at enterprise scale. As a security engineer, applications at WRITER, you'll be building the security foundations that protect the AI systems...Full timeWork at officeLocal areaFlexible hours
- ...Security Engineer – Application Security Fragomen is seeking a Security Engineer – Application Security to join our talented Cyber Security team in our Technology Innovation Lab in Pittsburgh. Our industry-leading, immigration specific software and supporting infrastructure...Local areaRemote work
- ...began with operational use cases has quickly evolved into a horizontal AI automation layer used across IT, HR, Finance, Security, Legal, and Engineering. Our mission is to eliminate repetitive, manual work across the enterprise and give teams leverage through...
- ...About the Team Security is at the foundation of OpenAI’s mission to ensure that artificial general intelligence benefits all of humanity... ...a robust security culture. About the Role As a Security Engineer, Application Security you will be responsible for identifying and...Work at officeRemote workRelocation package
- ...Security Engineer - Application Security Locations: Charlotte NC, Chandler AZ, Westlake TX (Hybrid), (3 days onsite) Duration: 12+ Months Contract W2 Contract Only Required Qualifications: ~5+ years of Application Security Engineering experience, or equivalent...Contract workWork experience placement
$100k - $140k
...theft. If you are passionate about helping to protect others, then keep reading - this may be your next great opportunity. As a Security Engineer, you will be part of BlackCloak’s internal technology team supporting corporate security, information technology operations,...Full timeTemporary workRemote workHome officeFlexible hoursShift work- ...A leading technology firm is looking for a passionate Security Engineer to join their Product Security team. In this role, you will design secure architectures and develop tools that protect Chainlink and support the Web3 ecosystem. Candidates should have experience in...Remote work
- ...Francisco, NYC, or London offices. You'll own application security at a company where the app layer is the highest-priority security... ...and guardrails that make the safe path the easy path for 50+ engineers Threat models for new features and architecture changes -...Work at officeRemote workRelocation packageShift work
$100k - $200k
...no investment capital, Trail of Bits is the premier place for security experts to boldly advance security and address technology’s newest... ...in the fight against attackers. Our research-based and custom-engineering approach ensures that our client’s capabilities are at the...Full timeContract workRemote workWork from homeHome officeRelocation package- ...Finance is the engine of the global economy. It decides which ideas get built, which companies rise, and how resources are allocated... ...now, every financial institution will run on Rogo. The Role As a Security Engineer at Rogo, you’ll play a key role in strengthening the...
- ...AWS Security Engineer/Security Engineer Location: Irvine, CA Duration: Full Time Job Description: • 5–10 years of experience in cloud security engineering, with a strong focus on AWS. • Proficiency in AWS security services (e.g., GuardDuty, Security Hub, IAM...Full time
$150k - $350k
...home. We are based in San Jose, CA and require 5 days/week in-office collaboration. It's time to build. We are looking for a Security Engineer to join the Security & Privacy team at Figure, focusing on security of the robot as well as associated backend services. We...Full timeWork at office- ...ICS/OT Cybersecurity Engineers and ICS/OT Network Security Engineers ICS/OT Cybersecurity Engineers and ICS/OT Network Security Engineers support clients in assessing, improving, and maintaining the cybersecurity posture of their ICS/OT environments to mitigate security...Work at officeRemote work
$70k - $100k
• Job Details • Job Title: Japanese Bilingual Mid-Senior Network / Security Engineer • Client: Japanese IT Company • Working Location: New York, NY 10022 • Working Style: Hybrid (2-3 days/week onsite) • Employment Type: Full-time • Salary: $70,...Full timeFor subcontractorRemote workVisa sponsorshipWeekend work2 days per week3 days per week- ..., availability and integrity of Parkland's data, computer systems and network devices by recommending, implementing and utilizing security defense systems to reduce the opportunity of cyber attacks. Minimum Specifications Education ~ Must have a Bachelors degree...Local area
- ...Security Engineer Job ID: 2023-12074 Job Location: Alpharetta, GA (preferred), Frisco, TX (#2), Berkeley Heights, NJ (#3) Job Travel Location(s): # Positions: 1 Employment Type: W2 Candidate Constraints: Duration:Long Term # of Layers:0 Work Eligibility:All Work Authorizations...
$153k - $376k
...together in real time from anywhere in the world. If you're excited to shape the future of design and collaboration, join us! As a Security Engineer you will identify and drive impactful projects to improve the security of Figma’s product, platform, and IT systems. We are...Full timeRemote workWork from home- ...Security Engineer The Security Engineer role will be responsible for designing, implementing, and maintaining security measures to protect the organization's IT systems, networks, and data. In addition, this role will partner with highly skilled professionals across...
$125k - $150k
...Security Engineer Boston or New York KKR is a leading global investment firm that offers alternative asset management as well as capital markets and insurance solutions. KKR aims to generate attractive investment returns by following a patient and disciplined investment...Local areaRemote work- ...Security Engineer Position: Security Engineer – Transmit Security (Mosaic Platform) Client/Implementation: General Motors (GM) Location: New Jersey – Hybrid Rate: $55-57/hr on c2c Experience: 8+ Years Job Description: Deployed and integrated Mosaic authentication...
- ...Security engineer (Mergers & Acquisitions team) The role will be responsible for designing, implementing and troubleshooting security appliances and security controls to allow integration of acquired companies into our Network Need to be able cover deploying new perimeter...Extra incomeFull timeH1bLocal areaVisa sponsorshipWork visa
$100k - $160k
...OAuth, and conditional access. -Design and maintain enterprise security platforms that enforce security policies across endpoints,... ...email compromise. -Collaborate with infrastructure and cloud engineering teams to implement security controls across hybrid environments...Permanent employmentTemporary workWork at officeFlexible hours- ...supporting mission-critical federal and commercial programs. We deliver secure, scalable, and modern digital solutions across complex IT environments. Our teams thrive at the intersection of engineering excellence and mission impact, building systems that matter....Permanent employmentFull timeContract workTemporary workH1bRemote work
$100k - $180k
...Security Engineer We are looking for a highly motivated individual with information security experience who is willing to collaborate with others to build the best in class security program. As a Security Engineer at Hive, you will work to protect sensitive company...Work experience placement$60 - $65 per hour
...00/hr Apex Systems is currently hiring for a PKI/ADCS Customer Engineer with an American multinational technology company. The ideal candidate... ...renewal Experience designing, implementing, and maintaining secure PKI solutions in large scale enterprise environments (two and...Contract workCurrently hiringRemote work
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Security Engineer. Be the first to apply!
- security engineer intern United States
- associate security engineer United States
- information system security engineer United States
- security support engineer United States
- security project engineer United States
- information technology security engineer United States
- principal security engineer United States
- entry level security engineer United States
- junior network security engineer United States
- dlp security engineer United States



