Senior Security Engineer - Compliance and Risk
$150k - $200kK Health
Senior Security Engineer - Compliance and Risk
New York, NY
About the Role
We are seeking a detail-oriented, proactive Security Compliance Engineer to join our Security team.
In this role, you will not just check boxes; you will own the governance and compliance lifecycle for critical security programs and, in many cases, be actively involved in implementation and remediation. You will ensure that our vulnerability management, privacy, data retention, and business continuity efforts meet the rigorous standards of SOC 2, HIPAA, and HITRUST, protecting our sensitive healthcare data and maintaining trust with our partners.
What You Will Do
Vulnerability Management Governance
- Oversee the compliance aspect of the vulnerability management program, ensuring scans and remediation efforts adhere to SLAs.
- Track and report on remediation timelines to ensure evidence is audit-ready.
- Collaborate with engineering and IT teams to validate that exceptions are documented, risk-accepted, and reviewed periodically.
- Manage and handle "tracking technologies" to comply with partner requirements
Privacy & Data Governance
- Manage adherence to internal privacy policies and external regulations (HIPAA, State Laws, CCPA).
- Manage adherence to partner-specific health system requirements
- Monitor data retention schedules to ensure data is stored, archived, and purged in accordance with policy and legal requirements.
- Conduct periodic privacy impact assessments (PIAs) for new products or features.
Disaster Recovery (DR) & Business Continuity (BCP)
- Coordinate annual or bi-annual DR/BCP table-top exercises and technical tests.
- Maintain and update DR/BCP documentation, ensuring contact lists and recovery procedures are current.
- Review post-mortem reports from tests to ensure continuous improvement and compliance with availability trust principles.
Audit & Framework Management (SOC 2 & HITRUST)
- Serve as a primary point of contact for external auditors during SOC 2 and HITRUST assessments.
- Collect, organize, and review evidence on the controls for the programs above.
- Identify compliance gaps and drive remediation projects before external audits begin.
AI/ML in healthcare and emerging federal and state AI regulations
What We're Looking For
- Experience: 3-5+ years of experience in Information Security, Governance, Risk, Vulnerability Management, Compliance (GRC), or IT Audit.
- Program Management: Proven experience managing specific compliance verticals like vulnerability management or business continuity.
- Communication: Ability to translate compliance requirements into actionable technical tasks for engineering teams.
- Organization: Exceptional documentation skills—you understand that "if it isn't written down, it didn't happen."
- Influence: Ability to drive consensus and compliance across teams without direct management authority.
Benefits & Perks: #LI-Hybrid
- Hybrid work schedule with weekly lunches and stocked fridges
- Monthly social committees for company events
- 18 vacation days, 9 company holidays, 5 sick days, and 2 personal days
- Stock options for every full-time employee
- Paid parental leave
- 401k benefit
- Commuter Benefits
- Competitive health, dental, and vision insurance options
Compensation: $150,000 - $200,000 USD
Who We Are:
Behind every leading health system is K Health's AI-powered virtual care engine.
Esteemed health systems like Mayo Clinic, Cedars-Sinai, Mass General Brigham, Hackensack Meridian Health, and Hartford Healthcare partner with K Health to build and run modern primary virtual care clinics on their behalf.
Our deeply integrated model modernizes the primary care loop by using AI to put humans first. For our patients, we offer clinical AI (i.e., PatientGPT) and unparalleled access to close care gaps around the clock. For our Providers, we deliver provider-serving agentic solutions (i.e., Perfect Note) to eliminate administrative overload and burnout. And for the health systems, we deploy our top-grade Virtualists in AI-powered virtual clinics 24/7 to capture the patients' care journeys at step one, retain the journey through the system for longitudinal care, and strengthen profitability.
We're founded in 2016, headquartered in New York City, and backed by nearly $400 million from leading investors including Valor Equity Partners, Claure Group, Mangrove Capital Partners, 14W, Notable Capital, Lerer Hippeau, Primary Venture Partners, Comcast Ventures, PICO Venture Partners, Max Ventures, and other strategic healthcare partners.
We offer competitive compensation packages based on industry benchmarks for function, level, and geographic location. Offer amounts are determined by multiple factors such as a candidate's experience and expertise.
We are proud to be an Equal Opportunity Employer and consider applicants for employment regardless of race, ethnicity, religion, color, national origin, ancestry, disability, medical condition, genetic information, marital status, sex, gender, gender identity, gender expression, sexual orientation, pregnancy, childbirth and breastfeeding, age, citizenship, military or veteran status, or any other class protected by applicable federal, state, and local laws. We're deeply committed to building teams as diverse as the patients we serve and strive to cultivate an environment where everyone can bring their most authentic self to work. We depend on our differences to make our team stronger, our workplace more dynamic, and our product accessible to all of our users.
We are committed to maintaining the integrity of our hiring process and ensuring a safe environment for all candidates. All communication for job offers from K Health will come from email addresses ending in @khealth.com. K Health will never ask you to provide financial information about yourself during the recruitment process. We will never use personal email accounts or other domains for official correspondence. Our official job postings are only listed on our official website and reputable job boards. Be cautious of job offers from sources other than these platforms.
- ...Senior Security Engineer, Security Incident Response Team (SIRT) Remote, US GitLab is the intelligent orchestration platform for DevSecOps... ...productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. More than 50...SeniorRiskRemote work
GitLab
New York, NY2 days ago - ...Senior Corporate Security Engineer, Mac OS Remote, Canada; Remote, US GitLab is the intelligent orchestration platform for DevSecOps. GitLab enables... ..., improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. More than 50...SeniorRiskRemote work
GitLab
New York, NY2 days ago $180k - $210k
...Senior Security Engineer Crossmint is the leading enterprise-grade, all-in-one stablecoin and wallet... ...rails and smart wallets with speed, compliance, and scale. In January 2026, Crossmint... ...on strategy, automation, and long-term risk management while you ensure...SeniorRiskFull timeWork at officeWorldwideFlexible hoursCrossmint
New York, NY1 day ago$100k - $160k
...operational efficiency, and reduce compliance costs. Built for the AI... ...the leader in identity security, with solutions that... ..., please visit . The Senior/Principal Federal Security Engineer reports into Federal Information... ...mitigate organizational risk as they relate primarily...SeniorRiskLocal areaFlexible hoursSaviynt
New York, NY2 days ago$160k - $185k
...leveraged its deep expertise in securities law,blockchain, and... ...trading, blockchain,compliance, etc.). We continue to grow... ...complicated problems.Role:-Senior Infrastructure Security Engineer - Full Time W2Location:-Fully... ...reviews and third-party risk assessmentsExperience...SeniorRiskFull timeRemote workPrometheum
New York, NY4 days ago$159k - $278.25k
Senior Security Engineer - Corporate Security Rippling gives businesses one place to run HR, IT, and... ...Our mission is to reduce organizational risk by securing the tools and platforms... ...products, Infrastructure, Legal, and Compliance teams to improve how we manage access,...SeniorRiskWork at officeFlexible hours3 days per week$100k - $110k
...Description The Sr. Cloud Security Engineer plays a key role in securing... ...environment by enhancing visibility, compliance, and threat detection... ...identify and remediate security risks while ensuring alignment... ...01k). All Level 38 and more senior roles may also be eligible for...SeniorRiskTemporary workLocal areaVisa sponsorshipWork visaFlexible hoursWTW inc.
New York, NY2 days ago- ...AppOmni Inc. is seeking a Senior SaaS Security Engineer to enhance our platform security by designing detection... ...particularly in threat detection and risk assessment. You'll work closely with... ...our clients, ensuring security and compliance. Join a supportive team dedicated to...SeniorRisk
AppOmni
New York, NY2 days ago - ...A leading cybersecurity firm is seeking a Senior ServiceNow Identity Security Engineer to lead the design and implementation of identity security solutions... ...and comprehensive benefits. Bring your expertise to the cutting edge of AI and Risk Management! #J-18808-Ljbffr...SeniorRiskRemote work
Templar Shield
New York, NY2 days ago - ...Framework Ventures is hiring a Security Engineer to work with the Institutional Trading and Financial Operations team in the United States.... ...infrastructure, partnering with cross-functional teams, and managing risk treatment plans. Candidates must have over 5 years of...SeniorRisk
Framework Ventures
New York, NY2 days ago - ...technology company in the United States is seeking a Senior Security Engineer to enhance the security of their SaaS platform and infrastructure... ...a strong background in secure software development, risk assessment, and compliance frameworks like SOC 2. You will be responsible for...SeniorRiskRemote work
Orbis Group
New York, NY2 days ago $129k - $220k
...Anduril Industries is seeking a Security Engineer to enhance OT security and implement defensive controls. This role involves assessing risks, developing security roadmaps, and ensuring secure design in production environments. The ideal candidate will have experience...SeniorRiskanduril
New York, NY2 days ago$168k - $195k
...services and ensures the necessary IT risk management and security measures are in place and aligned... ...We are seeking a highly skilled Senior Cyber Security Engineer - SIEM and Automation to lead... ...The Company is also committed to compliance with all fair employment...SeniorRiskWork at officeLocal areaImmediate startRemote workRelocationCorebridge Financial
Jersey City, NJ5 days ago- ...Platform. We are looking for an experienced security engineer to join our infrastructure security... ...teams, IT administrators, and compliance analysts to ensure that we maintain sufficient... ...engineering teams. Contribute to strategy, risk management and prioritization for all...SeniorRisk
Confluent
New York, NY2 days ago - ...Senior Security Success Engineer - REMOTE Join Jobgether in a pivotal role to ensure customers effectively implement security solutions and maximize... ...customers on security-related products, architectures, and risk topics. Run readiness checks and lead data modeling to validate...SeniorRiskRemote work
Jobgether
New York, NY2 days ago - ...solutions to federal agencies. We are seeking an experienced Senior Security Engineer to remotely support our federal customer located in... ...location is remote. Responsibilities Performs security audits, risk analysis, application-level vulnerability testing, and security...SeniorRiskWork experience placementRemote work
NextGen Federal Systems
New York, NY2 days ago - ...Senior Security Engineer II – Threat Detection & Response Client is seeking a Senior Security Engineer- Detection & Response (Threat-Informed... ...across Security, Platform, Product, and Engineering to reduce risk and improve resilience at scale. You will bridge the gap...SeniorRiskImmediate start
WinMax
New York, NY1 day ago - ...integration Cloud platforms (AWS, Azure, or GCP) Compliance frameworks (SOX, PCI-DSS) Responsibilities: Design... ...Enforce privileged access policies and security standards Support audits, access reviews, and risk assessments Troubleshoot platform issues and drive...SeniorRiskH1bRemote work
aKube, Inc.
New York, NY1 day ago - ...routing. • Experience with SMS, RTT, TCC routing, SMS aggregation • Experience with third-party emergency communication system integrations • Experience with GIS and location-based identification systems • Experience with 911 related TDOS and DDOS risk mitigationSeniorRiskWork at officeWeekend work
3B Staffing LLC
New York, NY1 day ago - ...Neos is seeking a Cloud Security Engineer with Splunk experience for a remote... ...organizational policies and compliance frameworks (e.g., CJIS, TAC... ...data protection and risk mitigation throughout the system... ...internal/external audit support. Seniority level Mid-Senior level...SeniorRiskLong term contractContract workRemote work
Neos Consulting
New York, NY2 days ago $153k - $214k
...We are excited to welcome a Senior Engineer to join our Vulnerability Management... ...us to build and deliver secure products with confidence,... ...technical, non-technical, compliance, and leadership audiences. Conduct... ...Contribute to the design of risk-scoring and SLA models that...SeniorRiskShift work1Password
New York, NY2 days ago$170k - $300k
...Senior Security Engineer (Remote – US) Compensation: $170K–$300K base + equity Type: Full-time Location... ...Cloud / infrastructure security Compliance (SOC 2) Security tooling & automation... ...Oversee vendor and third-party security risk Tech Environment Cloud: AWS (IAM, VPC,...SeniorRiskFull timeRemote workMAP SSG Inc
New York, NY2 days ago- ...Position Description: The Senior ServiceNow Identity Security Engineer is responsible for leading the design, implementation, and optimization of... ...dashboards, analytics, and reporting aligned to client risk and compliance needs. Troubleshoot and resolve complex issues...SeniorRiskRemote work
Templar Shield
New York, NY2 days ago $167.5k - $235k
...Senior Security Engineer (Detection & Response) New York, New York Apply Who We Are At Justworks, you’ll enjoy a welcoming and casual... ..., making connections of underlying issues, understanding risks and developing mitigation strategies, and taking ownership...SeniorRiskCasual workLocal areaJustworks
New York, NY1 day ago- ...excel. About the role and team As we scale our security function to support our two payment brands... ...robust processes including reporting and risk management. Improve stakeholder collaboration & influence. Partner with engineering, operations, and business teams to foster a...SeniorRiskRemote work
Zepz
New York, NY2 days ago $129k - $220k
...the military in months, not years. ABOUT THE TEAM Anduril's Security Engineering team is looking for a security engineer to focus on building... ...cutting edge factory systems. ABOUT THE JOB WHAT YOU’LL DO Lead OT risk assessments, gap analyses, and develop a multi‑year OT...SeniorRiskFull timeWork experience placementanduril
New York, NY2 days ago- ...Senior It Security Specialist Global shipping company is seeking a Senior IT Security Specialist... ...guidance and expertise in the field of risk management regarding the protection and... ...review vulnerability reports, track compliance with vulnerability management policies...SeniorRiskRemote work2 days per week
MRINetwork
New York, NY1 day ago $180k - $240k
...Security Lead You'll be the hands-on security lead embedded with core product teams to... ...protected in production. We are looking for engineers who have expertise in cloud/... ...cosign, SLSA-style controls) and dependency risk management. ~ Clear, pragmatic communication...SeniorRiskWork at officeImmediate startFlexible hoursLangChain
New York, NY5 days ago- ...fair, accessible, and personal. As a Senior Security Engineer, you'll set a new standard for... ...preserving data systems, multi-jurisdiction compliance automation, and AI-enabled decisioning... ...engineering to identify and elevate critical risks before production, with deep focus on...SeniorRiskCurrently hiringWork at office
January Technologies, Inc.
New York, NY6 hours ago - ...customers. Cohere is a team of researchers, engineers, designers, and more, who are... ...mission and shape the future! As a Senior Security Engineer you will: Serve as trusted... ...teams by clearly articulating business risks associated with security issues Lead...SeniorRiskFull timeWork at officeRemote workFlexible hours
Cohere
New York, NY6 hours ago
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Senior Security Engineer - Compliance and Risk. Be the first to apply!
- staff security engineer New York, NY
- senior application security engineer New York, NY
- sr information security engineer New York, NY
- security engineering manager New York, NY
- security operations engineer New York, NY
- cloud security engineer New York, NY
- azure security engineer New York, NY
- endpoint security engineer New York, NY
- physical security engineer New York, NY
- systems security engineer New York, NY