Hinge HealthRemote
Lead Security Engineer
United States of America
Full Time
1 day ago
$239,000 - $263,000 USD
H1B Sponsor Likely
Key skills
TypeScriptPythonGoRAIMachine LearningMLClaudeAWSTerraformIAMOAuthOktaSAMLCI/CDOKRsCloud Security
About this role
Hinge Health is focused on using technology to improve healthcare delivery for musculoskeletal conditions. They are seeking a Lead Security Engineer to build security standards and tooling, ensuring compliance and privacy while enabling engineers to work effectively in an AI-assisted development environment.
Responsibilities:
- Audit current cloud security posture and IAM architecture across our AWS environment; build relationships with key stakeholders in Application Security, SRE, and R&D Engineering
- Assess existing AI-assisted development tooling (Claude Code, Cursor, MCP gateway) for security risks and begin developing a governance framework
- Design and implement AI-driven tools and workflows to enhance security monitoring, threat detection, incident response, and IAM governance
- Develop and enforce policies and protocols to protect AI tools and platforms from misuse, data breaches, and external threats — including secure agent sandboxing and MCP server governance
- Deliver IAM solutions enabling secure, granular access controls that enforce least privilege principles, utilizing automation and AI for privilege escalation and approvals
- Own the security strategy for AI-enabled development and cloud infrastructure, acting as the primary subject matter expert for security engineering across the organization
- Ensure all compliance regulations — including HIPAA, privacy, and relevant security frameworks — are met for new services, AI tooling, and infrastructure
- Develop and drive cybersecurity initiatives related to incident response, threat intelligence, vulnerability management, and monitoring tools
- Mentor team members in adopting new security tools and processes; educate the broader organization through knowledge-sharing sessions and author clear technical proposals with measurable security OKRs
Requirements:
- Bachelor's degree in a technical, engineering, or scientific field — or comparable education/experience
- 7+ years in cybersecurity, with 3+ years focused on security operations or IAM
- 5+ years of experience in cloud security operations, specifically AWS
- 3+ years of coding experience (e.g., Python, Go, or TypeScript) with hands-on experience developing Terraform and infrastructure-as-code
- Hands-on experience securing AI/ML systems, including data pipelines, model deployments, API integrations, and their security challenges
- AWS Solutions Architect or Security Specialty certification
- AI/ML security certifications or familiarity with adversarial machine learning threats and mitigation strategies
- Experience building or integrating security controls into CI/CD pipelines and AI-assisted development workflows
- Experience managing an Enterprise IdP, especially Okta, with deep understanding of OAuth 2.0 and SAML
- SOC 2, PCI, or HIPAA audit/training certifications
- Knowledge of low-level networking principles