Senior Security Engineer

Our client is seeking a Senior Security Engineer (Gov Tech / Health Tech, Platform & Engineering) to join their growing team in a remote capacity, with a preference for candidates based in the Salt Lake City, Utah area. Are you a hands‑on Security Engineer with deep cloud security expertise in AWS? Do you enjoy owning vulnerability management, incident response, and compliance initiatives like SOC 2, HIPAA, and FedRAMP?

Are you passionate about building secure, mission‑critical systems that help millions of people access essential government benefits? If yes, this may be the perfect Senior Security Engineer position for you. Keep scrolling to see what this company has to offer.

• Compensation: $150,000 - $200,000, based on experience
• 401k
• Health and Dental Insurance
• Paid Time Off
• $50/month for phone bill
• $100/month for a wellness benefit
• Meaningful work supporting regulated, mission‑critical systems

In this role, you’ll take broad ownership of security engineering, incident response, and compliance for a fast‑growing, mission‑driven startup. You’ll work closely with Engineering, Dev Ops, and Leadership to design, implement, and scale security controls across cloud and application environments. Your work will directly support secure delivery of AI‑powered, regulated software used by millions of Americans to access food and health programs.

• Drive vulnerability management and remediation across application, infrastructure, and cloud environments
• Serve as a primary responder for security incidents and design, document, and test the Incident Response Plan
• Partner with engineers to identify and remediate security risks in code, infrastructure, and system architecture
• Review system designs with a security‑first, risk‑based approach
• Improve security logging, monitoring, alerting, and detection capabilities
• Support SOC 2 Type II, HIPAA, and FedRAMP readiness initiatives
• Translate regulatory and control requirements into practical engineering and operational controls
• Own audit preparation activities, including evidence collection, walkthroughs, and remediation tracking
• Conduct and document risk assessments, threat models, and security reviews
• Create and maintain security policies, standards, and procedures
• Maintain Incident Response, Disaster Recovery, Secure SDLC, and Access Control documentation
• Mentor and guide teams on secure development and cloud security best practices
• Help foster a strong security culture through collaboration and education

• 6+ years of experience in Security Engineering, Cloud Security, Application Security, or related roles
• Proven hands‑on experience leading security remediation efforts
• Experience supporting FedRAMP, SOC 2, and HIPAA compliance programs
• Prior experience operating as an independent security owner in a startup or early‑stage environment
• Strong cloud security background (AWS, Azure, GCP)
• Application security experience, including OWASP Top 10 and secure SDLC practices, vulnerability scanning, monitoring/alerting tools
• Experience with compliance automation platforms such as Vanta, Drata, or Secureframe (preferred)
• Infrastructure‑as‑Code and automation skills (Terraform, Python, Bash) preferred

Our client is a rapidly growing, mission‑driven Gov Tech and Health Tech startup focused on making government the best‑run organization in the world. Their platform helps states deliver critical programs like SNAP, WIC, and Medicaid Enrollment more efficiently, improving the experience for both citizens and administrators. With more than 5 million users and a top‑ranked Health & Fitness app, the company is scaling quickly and doubling the number of states they serve.

Start by filling out this 3‑minute, mobile‑friendly application here. We look forward to hearing from you!