Senior Security Engineer, Application & Cloud

Rad AI
Summary
Join Rad AI, a fast-growing SaaS company revolutionizing healthcare with AI, as a Senior Cybersecurity Engineer. You will play a critical role in ensuring the security of our platform, which is used by thousands of radiologists daily. This position requires hands-on experience in both application and cloud security, focusing on integrating security tools, performing assessments, and collaborating with developers to remediate vulnerabilities. You will also be responsible for strengthening our AWS cloud environments and developing incident response plans. The ideal candidate possesses a Bachelor's degree in a related field, 4+ years of AppSec experience, and 2+ years of DevSecOps or Cloud Security experience. Rad AI offers a variety of benefits for US-based full-time roles, including comprehensive insurance, 401k, flexible PTO, and location flexibility.
Requirements
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field
- 4+ years of experience in Application Security
- 2+ years of experience in DevSecOps or Cloud Security
- Demonstrated knowledge of security frameworks and standards (e.g., OWASP ASVS, NIST SSDF, AWS Well-Architected Framework)
- Experience with security tools and technologies (e.g., Kubernetes, Snyk, Wiz, GitHub Actions, AWS GuardDuty)
- Strong project management skills and the ability to manage multiple projects simultaneously
Responsibilities
- Integrate and manage security tools across CI/CD pipelines (SAST, SCA, IaC, container scanning) to ensure issues are caught early, before they impact production
- Perform code and system security assessments, then partner with developers to triage and remediate vulnerabilities quickly and effectively
- Conduct architectural reviews to uncover design-level risks, clearly documenting threats and mitigation strategies that shape secure system designs
- Champion secure coding practices through education and engagement, helping teams adopt a security-first mindset in their workflows
- Contribute to security policies, design standards, and development guidelines that raise the security bar across the company
- Continuously assess and strengthen our AWS cloud environments (and other cloud platforms) to reduce risk and increase resilience
- Proactively detect and remediate misconfigurations in IAM, networking, encryption, and workloads to minimize exposure and reduce risk
- Collaborate with DevOps to secure infrastructure-as-code by implementing automated policy enforcement and cloud security benchmarks
- Monitor and respond to alerts from security tools (IDS/IPS, SIEM, EDR), helping us to detect threats early and enable fast, informed responses
- Develop and maintain incident response plans, playbooks, and tooling to ensure swift and coordinated responses to security events
- Drive security-focused projects from start to finish, including tool rollouts, vulnerability remediation efforts, and cloud hardening initiatives
Preferred Qualifications
Professional certifications such as CCSP, CEH, CSSLP , AWS Certified Security - Specialty or equivalent are highly desirable
Benefits
- Comprehensive Medical, Dental, Vision & Life insurance
- HSA (with employer match), FSA, & DCFSA
- 401(k)
- 11 Paid Company Holidays
- Location Flexibility (Remote-first company!)
- Flexible PTO policy
- Annual company-wide offsite
- Periodic team offsites
- Annual equipment stipend