Security Engineer

Summary

Join Wisp, a telehealth company revolutionizing sexual and reproductive healthcare, as a Senior Security Engineer. As our first dedicated security hire, you will build and maintain our secure web platform, acting as a security evangelist within the engineering team. This fully remote role requires extensive experience in cloud security (AWS, Kubernetes), application security, and secure coding practices. You will be responsible for implementing security tools, conducting code reviews, and establishing incident response procedures. We offer a competitive benefits package including uncapped time off, flexible Fridays, learning stipends, and comprehensive health insurance.

Requirements

• You enjoy wearing many hats and have a passion for tackling the broad security challenges that a fast-growing telehealth startup faces—and you’ve done this a few times before for the last 5+ years in highly compliant environments
• You have a strong understanding of common Application Security concerns and their remediations, OWASP, NIST etc. You’re also highly knowledgeable about networking protocols, encryption algorithms, and secure coding practices
• You have proven hands-on experience with AWS and Kubernetes; you’re comfortable in the code, and other engineers look to you for help with those tools
• You have been a team of one, serving as a security SME and proactively getting out ahead of potential problems and prioritizing work
• You have experience with common vulnerability and SIEM tooling and owning the lifecycle of findings and remediations
• You have excellent communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams and articulate complex security concepts to non-technical stakeholders
• Must be authorized to work in the country this requisition states

Responsibilities

• Ensure a very high degree of cloud security posture in AWS by addressing vulnerabilities and ensuring technical controls are passing
• Enable our engineers to ship secure code by building a robust stack of security tools and integrating it into our CI/CD pipeline (static and dynamic application security testing)
• Collaborate closely with engineering teams to ensure secure design and code review, supporting our Python codebase
• Act as a thought leader, educating our engineering team on security best practices and curating a culture where everyone feels invested and responsible for building a secure product
• Establish, maintain, and own incident response procedures to efficiently mitigate security incidents and minimize impact
• Collaborate cross-functionally across the business to help define and implement our organization’s roadmap for security

Benefits

• A fully remote environment, plus our $500 Work Better Stipend so you can have the optimal work-from-home set-up when you join
• Uncapped Time Off to recharge–and we track to ensure employees are taking at least 15 days off per year
• Flexible Fridays where there are no company meetings
• Our Learning Stipend to enable your professional growth and development
• 100% monthly premium coverage for Health and Vision (and 99% for Dental) insurance for you and your dependents
• 3% 401(k) match, dollar for dollar, that vests your first day (read: no waiting period)