[Remote] Lead Security Engineer
Note: This is a remote position open to candidates in the USA. Hinge Health is a company focused on using technology to improve healthcare delivery, particularly for musculoskeletal conditions. They are seeking a Lead Security Engineer to build security guardrails and standards for their AI-assisted development platform, ensuring compliance and privacy while enabling fast and safe engineering practices.
Responsibilities
- Audit current cloud security posture and IAM architecture across our AWS environment; build relationships with key stakeholders in Application Security, SRE, and R&D Engineering
- Assess existing AI-assisted development tooling (Claude Code, Cursor, MCP gateway) for security risks and begin developing a governance framework
- Design and implement AI-driven tools and workflows to enhance security monitoring, threat detection, incident response, and IAM governance
- Develop and enforce policies and protocols to protect AI tools and platforms from misuse, data breaches, and external threats — including secure agent sandboxing and MCP server governance
- Deliver IAM solutions enabling secure, granular access controls that enforce least privilege principles, utilizing automation and AI for privilege escalation and approvals
- Own the security strategy for AI-enabled development and cloud infrastructure, acting as the primary subject matter expert for security engineering across the organization
- Ensure all compliance regulations — including HIPAA, privacy, and relevant security frameworks — are met for new services, AI tooling, and infrastructure
- Develop and drive cybersecurity initiatives related to incident response, threat intelligence, vulnerability management, and monitoring tools
- Mentor team members in adopting new security tools and processes; educate the broader organization through knowledge-sharing sessions and author clear technical proposals with measurable security OKRs
Skills
- Bachelor's degree in a technical, engineering, or scientific field — or comparable education/experience
- 7+ years in cybersecurity, with 3+ years focused on security operations or IAM
- 5+ years of experience in cloud security operations, specifically AWS
- 3+ years of coding experience (e.g., Python, Go, or TypeScript) with hands-on experience developing Terraform and infrastructure-as-code
- Hands-on experience securing AI/ML systems, including data pipelines, model deployments, API integrations, and their security challenges
- AWS Solutions Architect or Security Specialty certification
- AI/ML security certifications or familiarity with adversarial machine learning threats and mitigation strategies
- Experience building or integrating security controls into CI/CD pipelines and AI-assisted development workflows
- Experience managing an Enterprise IdP, especially Okta, with deep understanding of OAuth 2.0 and SAML
- SOC 2, PCI, or HIPAA audit/training certifications
- Knowledge of low-level networking principles
Benefits
- Inclusive healthcare and benefits: On top of comprehensive medical, dental, and vision coverage, we offer employees and their family members help with gender-affirming care, tools for family and fertility planning, and travel reimbursements if healthcare isn't available where you live.
- Start saving for the future with our traditional or Roth 401k retirement plan options which include a 2% company match.
- Modern life stipends: Manage your own learning and development.