Senior Security Engineer

🕒 December 19, 2025

🇺🇸 United States – Remote

💵 $128.1k - $235.3k / year

⏰ Full Time

🟠 Senior

👮‍♂️ Cybersecurity / Security Engineer

🦅 H1B Visa Sponsor

This company has sponsored H1B visas in the past.

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Included Health

WebsiteLinkedInAll Job Openings

1001 - 5000 employees

☁️ SaaS

🤝 B2B

👥 HR Tech

SaaS • B2B • HR Tech

Included Health is a healthcare technology company that delivers personalized, employer- and health-plan-focused primary, urgent, and behavioral health care through a single app and a network of virtual and in-person services. It blends AI-driven tools and human care teams to provide 24/7 care coordination, billing and claims advocacy, second opinions from leading specialists, and mental-health support, with the goal of lowering employer healthcare costs and improving member experience and inclusivity.

📋 Description

• Design, build, and implement Just-in-Time (JIT) access controls and Privileged Access Management (PAM) workflows to eliminate standing privileged accounts in production. • Conduct platform permission reviews and implement a least-privilege access model for cloud and application roles. • Ensure 100% of production access requests and approvals are captured in audit logs. • Lead the implementation, tuning, and operation of security tools in the CI/CD pipeline, including SAST, DAST, SCA, and secrets scanning. • Develop custom SAST rules to detect specific, high-risk flaw patterns, such as authorization bypasses or insecure PII/PHI handling. • Partner with engineering to deploy IDE plugins and automated PR checks that block sensitive data exposure before deployment. • Conduct manual security code reviews for high-risk features and cryptographic implementations. • Design, build, and maintain automation for the end-to-end vulnerability management lifecycle. • Engineer automated workflows to triage, validate, and assign new vulnerabilities • Develop and maintain security automation scripts, tools, and services in Python or Go to streamline security operations and compliance checks. • Partner with SecOps to build high-fidelity SIEM correlation rules and automated response playbooks. • Design, implement, and maintain encryption strategies for data at rest and in transit, ensuring PHI is protected in compliance with HIPAA. • Manage the cryptographic key lifecycle and administer key management systems • Design and implement secure cloud network architectures (VPCs, subnets, security groups, NACLs) and network segmentation strategies. • Lead the remediation of cloud security findings • Implement and manage a centralized security control plane • Design and implement Data Loss Prevention (DLP) policies for endpoints and cloud services to protect against sensitive data exfiltration. • Design and enforce security configurations and hardening standards for diverse operating systems (macOS, Windows, Linux) via MDM/UEM platforms. • Manage and tune endpoint security solutions, including EDR/XDR (e.g., CrowdStrike). • Lead threat modeling sessions for new features and conduct secure design reviews of system architectures, applications, and APIs. • Act as an embedded security partner and subject matter expert for product and platform teams, providing technical guidance and mentorship. • Develop and manage security programs for emerging risks, including SaaS security and AI security.

🎯 Requirements

• 6+ years of experience in security engineering, with hands-on expertise in both application security and cloud security (AWS strongly preferred). • Strong proficiency in at least one scripting or programming language (Python or Go preferred) for security automation. • Demonstrable experience in two or more of the following core areas: 1) Application & SDLC Security, specifically with SAST, DAST, and SCA tools (e.g., Semgrep, Snyk, Burp Suite) and CI/CD automation; 2) Security Automation & Engineering using SOAR platforms (e.g., Tines) and Terraform; 3) Cloud Security (AWS/GCP) with a focus on designing secure cloud-native services (VPCs, IAM, WAF, CSPM); 4) Identity & Encryption, including JIT access controls, PAM, and cryptographic key lifecycles; or 5) Endpoint & Data Security utilizing EDR/XDR, DLP, and MDM solutions. • Experience securing containerized environments (Docker, Kubernetes). • Previous experience in healthcare, fintech, or other highly regulated industries • Excellent communication skills, with the ability to explain complex security risks to both technical and non-technical stakeholders.

🏖️ Benefits

• Remote-first culture • 401(k) savings plan through Fidelity • Comprehensive medical, vision, and dental coverage through multiple medical plan options (including disability insurance) • Paid Time Off ("PTO") and Discretionary Time Off ("DTO") • 12 weeks of 100% Paid Parental leave • Family Building & Compassionate Leave: Fertility coverage, $25,000 for surrogacy/adoption, and paid leave for failed treatments, adoption or pregnancies. • Work-From-Home reimbursement to support team collaboration home office work