Staff Software Engineer - Security

Dandy
Summary
Join Dandy, a rapidly growing tech company transforming the dental industry, as their first dedicated Staff Security Engineer. This role offers significant autonomy to build the company's security infrastructure from the ground up, making a direct impact on protecting the platform and customer data. You will collaborate with engineering teams, design secure application architectures, provide expert guidance on secure coding practices, and lead vulnerability management efforts. The ideal candidate will have 8+ years of hands-on cybersecurity experience, a deep understanding of web application and API security, and proven ability to lead technical efforts in vulnerability remediation. This position requires strong communication and collaboration skills and offers the opportunity to champion a security-first engineering culture.
Requirements
- 8+ years of progressive, hands-on experience in cybersecurity, with strong emphasis on application security, secure design, and vulnerability management
- Deep understanding of web application and API security, including common vulnerabilities, secure software architecture, and threat modeling
- Experience collaborating directly with software engineering teams to guide implementation of secure development practices and influence technical design decisions
- Proven ability to lead technical efforts in vulnerability identification, triage, and remediation across both application code and cloud infrastructure
- Hands-on experience implementing and operating security tooling as well as basic infrastructure level controls
- Demonstrated experience leading or significantly contributing to security incident response efforts, including log and forensic analysis
- Strong communication and collaboration skills; able to influence without authority and guide teams toward secure-by-default outcomes
Responsibilities
- Collaborate with engineering teams to design and implement secure application architectures, influencing the development of new features with security in mind from the start
- Provide expert guidance on secure coding practices, API security, authentication/authorization patterns, and data protection throughout the software development lifecycle
- Lead vulnerability management efforts, including identifying risks in applications and infrastructure (using both automated and manual methods), prioritizing findings, and coordinating remediation with engineering teams
- Evaluate, select, and drive adoption of application and infrastructure security tools (such as SAST, DAST, SCA, container scanning, etc.), ensuring they are well integrated into developer workflows
- Define and help implement incident response processes and playbooks; act as a senior technical contributor during incident investigations, supporting teams through forensics, containment, and recovery
- Partner with the infrastructure team to establish guardrails and controls across GCP environments, including identity and access management, network security, and container hardening
- Champion a security-first engineering culture by providing practical education, mentoring, and hands-on support to help teams build secure systems confidently and efficiently
Preferred Qualifications
- Experience securing services that handle sensitive data, like PHI, and an understanding of data protection principles
- Proficiency in integrating security tools and practices into CI/CD pipelines (DevSecOps)
- Strong scripting/automation skills (e.g., Python, Bash, etc.) for security tasks
- Relevant industry certifications (e.g., OSCP, GWAPT, GCSA, GCP Professional Cloud Security Engineer, CISSP), with a focus on technical certs
- Experience as an early or foundational security hire in a growing tech company
Benefits
- Healthcare
- Dental
- Mental health support
- Parental planning resources
- Retirement savings options
- Generous paid time off