Grow TherapyRemote
Staff Engineer, Security
United States of America
Full Time
3 hours ago
$220,000 - $240,000 USD
H1B Sponsor Likely
Key skills
Product SecurityCloud SecurityData SecurityAccess GovernanceDetection & ResponseSecurity Infrastructure EngineeringSecurity Program DesignSecurity Review ProcessesSecure DesignSecurity Metrics ReportingSecurity ChampionsLeast Privilege AutomationVulnerability ManagementAI
About this role
Grow Therapy is on a mission to serve as the trusted partner for therapists growing their practice and patients accessing high-quality care. They are seeking a Staff Security Engineer to shape and execute a multi-year Security roadmap that protects customers and enables the engineering organization. This role involves building secure infrastructure, driving data security, and promoting a culture of security across the company.
Responsibilities:
- Define and drive the Security Engineering North Star. Lead the development of a consolidated, multi-year Security Engineering vision — conducting gap analyses, aligning with key stakeholders, and translating strategy into an executable roadmap that teams across the organization can rally behind
- Lead the charge on AI-native Security: Security sits within Grow’s Internal Foundations pillar, which is building company-wide infrastructure to support AI adoption. We build AI tools Security, Engineering, and the company at large. You’ll be in an incredible position to influence safe and thoughtful adoption of AI tooling at the enterprise level
- Build secure-by-default infrastructure. Design, build, and roll out foundational security services — including unified authentication, authorization, audit logging, and egress control — so that engineering teams can build fast without compromising on security
- Own data security at scale. Drive systematic data tagging across Grow's production data models, aligning with our Data Classification Policy to ensure every datastore is compliant with security controls and observable by the teams who own it
- Champion security visibility and accountability. Build company-wide security scorecards so every team has a clear, real-time view of their security posture — turning security from a periodic audit into a continuous, embedded practice
- Enable and empower the engineering organization. Partner deeply with engineering, platform, and product teams to deliver high-leverage, secure-by-default services — reducing the burden on individual teams while raising the security floor across Grow. Drive automated Least Privilege and systematic Vulnerability Management as org-wide capabilities
Requirements:
- You bring deep, multi-domain security expertise — you've operated meaningfully across Product Security, Cloud Security, Data Security, Access Governance, and/or Detection & Response, and you know how to connect the dots between them
- You have recent, hands-on engineering experience — you're comfortable writing code, contributing to security infrastructure, and doing system design reviews, not just advising from the sidelines
- You've built security programs at scale — you've designed and shipped org-wide processes like Security Review, Secure Design, Security Champions, and Security Metrics Reporting at a previous company
- You're a clear, compelling communicator — you can present security strategy and risk to non-technical audiences (including executives and clinical stakeholders) with precision, empathy, and confidence
- You're energized by ownership and ambiguity — you thrive when given a blank canvas, know how to prioritize ruthlessly, and can move fluidly between long-term vision and near-term execution