Remote Senior Application Security Engineer

Description:

• Virta Health is seeking a Senior Application Security Engineer to enhance their application security program as part of a growing Foundations team.
• The role involves securing Virta's applications and platform, ensuring security is integrated into the development lifecycle.
• Responsibilities include assessing current security controls in GCP and Kubernetes, championing secure development practices, designing and managing security tooling, evolving identity and access management strategies, improving network security architecture, establishing security policies, leading vulnerability management efforts, and promoting security awareness within the organization.
• The first 90 days will focus on understanding the company culture, learning existing systems, assessing security posture, prioritizing action plans, and starting hands-on work on foundational projects.

Requirements:

• Candidates must have significant hands-on experience in application security, including threat modeling, secure coding practices, vulnerability management, and security testing (SAST, DAST, IAST).
• A strong understanding of cloud-native applications and infrastructure security, particularly in GCP, is required.
• Proven ability to assess and mature existing security designs is essential.
• Experience with security automation and implementing controls using Infrastructure as Code (IaC) principles, such as Terraform, is necessary.
• Excellent communication skills to articulate complex security concepts and influence technical direction across teams are required.
• A proactive, self-directed approach with a strong sense of ownership is essential.
• Candidates should have a pragmatic approach to balancing security requirements with business needs and development velocity.
• Experience in regulated environments, such as healthcare or fintech, is a plus.
• A solid grasp of networking concepts, identity management (IAM), encryption, and common web application vulnerabilities (e.g., OWASP Top 10) is required.

Benefits:

• The compensation range for this role is $192,026 - $248,000, based on qualifications and experience.
• Virta Health offers a values-driven culture that emphasizes putting people first, ownership, positive impact, transparency, evidence-based practices, and risk-taking.
• As a remote-first company, employees have the flexibility to work from various locations, with office hubs in Denver and San Francisco.
• Security and privacy training will be provided to ensure compliance with HIPAA regulations regarding sensitive patient information.