← all jobs

[Remote] Security Engineer

Work from home Full-time role Hiring

Note: The job is a remote job and is open to candidates in USA. First Stop Health is on a mission to deliver affordable, delightful healthcare for all by providing connected, whole-person virtual care. They are seeking a Security Engineer to design, implement, and maintain security controls and practices across the organization, working closely with various teams to strengthen security posture and support secure business operations.

Responsibilities

  • Lead application security initiatives including architecture reviews, threat modeling, code reviews, and penetration testing coordination
  • Integrate security controls and testing into the SDLC and CI/CD pipelines
  • Partner with development teams to remediate vulnerabilities and improve secure coding practices
  • Champion secure design principles across web, mobile, API, and cloud-native applications
  • Support implementation and operation of security testing tools including SAST, DAST, SCA, and secrets detection
  • Perform and facilitate threat modeling exercises with development teams to identify potential attack vectors and prioritize risks
  • Conduct risk assessments and provide actionable guidance to reduce application-level security risk
  • Communicate risk findings clearly, balancing technical detail with business impact
  • Design, implement, and maintain security controls across cloud, infrastructure, applications, and enterprise systems
  • Participate in security architecture reviews and provide recommendations for risk reduction
  • Evaluate and implement security technologies that improve organizational security posture
  • Support identity and access management initiatives, including authentication, authorization, and privileged access controls
  • Assess cloud environments for security risks and recommend remediation strategies
  • Support cloud security initiatives including identity management, logging, monitoring, network security, and workload protection
  • Identify, assess, prioritize, and track remediation of security vulnerabilities across applications, cloud environments, endpoints, and infrastructure
  • Partner with system owners and engineering teams to ensure timely remediation of identified risks
  • Assist with security investigations, incident response activities, and post-incident reviews
  • Collaborate with security operations personnel to improve detection and response capabilities
  • Lead application security assessments, including static and dynamic analysis, architecture reviews, and manual testing
  • Perform and oversee code reviews to identify security vulnerabilities and design flaws
  • Lead and coordinate penetration testing engagements, including scoping, execution, remediation validation, and reporting
  • Serve as a trusted security advisor to internal teams, providing expert guidance on secure design, implementation, and remediation
  • Develop and deliver security training and awareness content for developers and technical stakeholders
  • Contribute to security documentation, standards, and internal knowledge bases
  • Monitor relevant threat intelligence sources related to application and software supply chain risks
  • Analyze emerging threats and vulnerabilities and communicate relevant findings to the Information Security team and other stakeholders
  • Recommend enhancements to application security controls and practices based on evolving threats and industry trends

Skills

  • 5-8 years of experience in cybersecurity, information security, cloud security, application security, infrastructure engineering, or related technical disciplines
  • Strong understanding of security principles across applications, cloud platforms, infrastructure, networks, and enterprise systems
  • Strong experience performing security assessments and risk evaluations across applications, cloud platforms, and infrastructure
  • Knowledge of security frameworks and standards such as NIST CSF, CIS Controls, OWASP, ISO 27001, and HIPAA
  • Experience with vulnerability management and remediation processes
  • Familiarity with security monitoring, incident response, and threat detection concepts
  • Experience working in AWS and Azure environments
  • Strong understanding of authentication, authorization, encryption, and identity management concepts
  • Excellent communication and stakeholder management skills
  • Bachelor's degree or equivalent practical experience
  • Strong application security experience including threat modeling, secure code review, penetration testing coordination, and secure SDLC practices
  • Experience with SAST, DAST, SCA, container security, and software supply chain security tools
  • Familiarity with DevSecOps practices and CI/CD security integrations
  • Experience with security tooling such as SIEM, EDR, CSPM, IAM, and vulnerability management platforms
  • Security+, Certified Application Security Engineer (CASE), Certified Secure Software Engineer Lifecycle Professional (CSSLP), etc

Benefits

  • First Stop Health offers a comprehensive benefits package that includes various health and medical coverage options, dental and vision coverage, disability and life coverage, making healthcare easily accessible.
  • For those that choose to waive medical coverage a monthly medical waiver allowance will be provided.
  • First Stop Health offers a remote-first work environment and flexible paid time off, including Summer Fridays.
  • The employer match 401k plan and monthly phone stipend demonstrates the company's commitment to employee financial well-being.
  • The First Stop Health membership benefit is another added perk for employees and provides our virtual care solutions -- Urgent Care, Mental Health, and Primary Care -- from their very first day!

Company Overview

  • First Stop Health provides care that people love with 24/7 access to licensed doctors via app, web or phone. It was founded in 2011, and is headquartered in Chicago, Illinois, USA, with a workforce of 201-500 employees. Its website is http://www.fshealth.com.
  • More open positions

    [Remote] Legal Assistant (PT, Seasonal)

    Work from home Full-time role

    [Remote] Director for AR Operations

    Work from home Full-time role

    [Remote] Administrative and Fiscal Coordinator (CAS Dean)

    Work from home Full-time role

    [Remote] Senior Director, Inbound Marketing and Operations [12 - 18 Month Fixed Term Contract]

    Work from home Full-time role

    [Remote] Frontend Engineer - AI Trainer

    Work from home Full-time role

    Experienced Remote Data Entry Specialist – Entry Level Opportunity for Teens at careerzynith

    Work from home Full-time role

    Account Development Representative

    Work from home Full-time role

    Grow Your Income & Leadership Career - Texas Hiring Event (June 25)

    Work from home Full-time role

    Revenue Integrity Nurse Auditor – Remote

    Work from home Full-time role

    [Remote] Manufacturing Welding Engineer

    Work from home Full-time role

    [Remote] Sales Executive

    Work from home Full-time role

    Compassionate Customer Service Representative – Paid Training – Day Shift – Medical Supplies Support at careerzynith

    Work from home Full-time role

    Insurance Customer Service Representative – Policy Support, Claims Assistance, and Client Relationship Management

    Work from home Full-time role

    [Remote] Cyber GRC Consultant

    Work from home Full-time role

    Autism Care Navigator - ABA Services Family Support Specialist (Remote Position | Pennsylvania, New Jersey, Delaware)

    Work from home Full-time role

    #119832 - Junior Manual QA Engineer (Manual/API Testing)

    Work from home Full-time role

    Director, Engineering

    Work from home Full-time role

    Sales Development Representative

    Work from home Full-time role

    CPD National Program Manager

    Work from home Full-time role

    Software Engineer, Microsoft Azure Technologies

    Work from home Full-time role

    Field Service Engineer II - IC & HPLC

    Work from home Full-time role