← all jobs

[Remote] Security Engineer

Work from home Full-time role Hiring

Note: The job is a remote job and is open to candidates in USA. First Stop Health is on a mission to deliver affordable, delightful healthcare for all by providing connected, whole-person virtual care. They are seeking a Security Engineer to design, implement, and maintain security controls and practices across the organization, working closely with various teams to strengthen security posture and support secure business operations.

Responsibilities

  • Lead application security initiatives including architecture reviews, threat modeling, code reviews, and penetration testing coordination
  • Integrate security controls and testing into the SDLC and CI/CD pipelines
  • Partner with development teams to remediate vulnerabilities and improve secure coding practices
  • Champion secure design principles across web, mobile, API, and cloud-native applications
  • Support implementation and operation of security testing tools including SAST, DAST, SCA, and secrets detection
  • Perform and facilitate threat modeling exercises with development teams to identify potential attack vectors and prioritize risks
  • Conduct risk assessments and provide actionable guidance to reduce application-level security risk
  • Communicate risk findings clearly, balancing technical detail with business impact
  • Design, implement, and maintain security controls across cloud, infrastructure, applications, and enterprise systems
  • Participate in security architecture reviews and provide recommendations for risk reduction
  • Evaluate and implement security technologies that improve organizational security posture
  • Support identity and access management initiatives, including authentication, authorization, and privileged access controls
  • Assess cloud environments for security risks and recommend remediation strategies
  • Support cloud security initiatives including identity management, logging, monitoring, network security, and workload protection
  • Identify, assess, prioritize, and track remediation of security vulnerabilities across applications, cloud environments, endpoints, and infrastructure
  • Partner with system owners and engineering teams to ensure timely remediation of identified risks
  • Assist with security investigations, incident response activities, and post-incident reviews
  • Collaborate with security operations personnel to improve detection and response capabilities
  • Lead application security assessments, including static and dynamic analysis, architecture reviews, and manual testing
  • Perform and oversee code reviews to identify security vulnerabilities and design flaws
  • Lead and coordinate penetration testing engagements, including scoping, execution, remediation validation, and reporting
  • Serve as a trusted security advisor to internal teams, providing expert guidance on secure design, implementation, and remediation
  • Develop and deliver security training and awareness content for developers and technical stakeholders
  • Contribute to security documentation, standards, and internal knowledge bases
  • Monitor relevant threat intelligence sources related to application and software supply chain risks
  • Analyze emerging threats and vulnerabilities and communicate relevant findings to the Information Security team and other stakeholders
  • Recommend enhancements to application security controls and practices based on evolving threats and industry trends

Skills

  • 5-8 years of experience in cybersecurity, information security, cloud security, application security, infrastructure engineering, or related technical disciplines
  • Strong understanding of security principles across applications, cloud platforms, infrastructure, networks, and enterprise systems
  • Strong experience performing security assessments and risk evaluations across applications, cloud platforms, and infrastructure
  • Knowledge of security frameworks and standards such as NIST CSF, CIS Controls, OWASP, ISO 27001, and HIPAA
  • Experience with vulnerability management and remediation processes
  • Familiarity with security monitoring, incident response, and threat detection concepts
  • Experience working in AWS and Azure environments
  • Strong understanding of authentication, authorization, encryption, and identity management concepts
  • Excellent communication and stakeholder management skills
  • Bachelor's degree or equivalent practical experience
  • Strong application security experience including threat modeling, secure code review, penetration testing coordination, and secure SDLC practices
  • Experience with SAST, DAST, SCA, container security, and software supply chain security tools
  • Familiarity with DevSecOps practices and CI/CD security integrations
  • Experience with security tooling such as SIEM, EDR, CSPM, IAM, and vulnerability management platforms
  • Security+, Certified Application Security Engineer (CASE), Certified Secure Software Engineer Lifecycle Professional (CSSLP), etc

Benefits

  • First Stop Health offers a comprehensive benefits package that includes various health and medical coverage options, dental and vision coverage, disability and life coverage, making healthcare easily accessible.
  • For those that choose to waive medical coverage a monthly medical waiver allowance will be provided.
  • First Stop Health offers a remote-first work environment and flexible paid time off, including Summer Fridays.
  • The employer match 401k plan and monthly phone stipend demonstrates the company's commitment to employee financial well-being.
  • The First Stop Health membership benefit is another added perk for employees and provides our virtual care solutions -- Urgent Care, Mental Health, and Primary Care -- from their very first day!

Company Overview

  • First Stop Health provides care that people love with 24/7 access to licensed doctors via app, web or phone. It was founded in 2011, and is headquartered in Chicago, Illinois, USA, with a workforce of 201-500 employees. Its website is http://www.fshealth.com.
  • More open positions

    [Remote] Legal Assistant (PT, Seasonal)

    Work from home Full-time role

    [Remote] Director for AR Operations

    Work from home Full-time role

    [Remote] Administrative and Fiscal Coordinator (CAS Dean)

    Work from home Full-time role

    [Remote] Senior Director, Inbound Marketing and Operations [12 - 18 Month Fixed Term Contract]

    Work from home Full-time role

    [Remote] Frontend Engineer - AI Trainer

    Work from home Full-time role

    Hiring 16 & 17 yr. olds Starting up to $12.00/h…

    Work from home Full-time role

    Senior Data Analyst II – Remote Data Entry & Insight Generation at careerzynith – $35/hr Flexible Work‑From‑Home Opportunity

    Work from home Full-time role

    Offensive Security Researcher — Browser Vulnerability Research & Agentic AI

    Work from home Full-time role

    [Remote] Senior Compliance Analyst, Special Investigations Unit

    Work from home Full-time role

    Remote Voice-Over Artist

    Work from home Full-time role

    Seasonal Crop Adjuster - Eau Claire, WI

    Work from home Full-time role

    Experienced Customer Service Associate – Cloud Computing Support and Advocacy

    Work from home Full-time role

    Solutions Director (FINS)

    Work from home Full-time role

    Zone Manager, Provider Privacy

    Work from home Full-time role

    Revenue Integrity Nurse Auditor – Remote

    Work from home Full-time role

    EdTech Conference Coordinator (Contract), Remote Job

    Work from home Full-time role

    Senior Project Manager

    Work from home Full-time role

    Business Development Representative

    Work from home Full-time role

    Client Solutions Specialist

    Work from home Full-time role

    [Remote] Product Manager

    Work from home Full-time role

    Full Stack Developer

    Work from home Full-time role