Listing Description

Senior Security Engineer, Product Security

We are looking for a dedicated Security Engineer to join our growing team here at Thirty Madison! This Cloud Security Engineer will be working alongside an existing team of experienced security engineers and partnering closely with technologists across the company to help build the future of digital health security and protect our patients! We serve our patients from end to end, and security works the same way, all the way from the deepest infrastructure to the patient experience, we want our patients to be safer by being with Thirty Madison. Above all, you embody the Thirty Madison mission of providing access to healthcare for all who suffer from chronic conditions.

Comp | Perks | Benefits

• The base pay range for this position is 148,720 - 204,490 per year.**


• Competitive Salary + Annual Incentive Plan + Stock Option Package


• Robust and affordable Health, Dental, and Vision plan options


• 401k with a match, commuter benefits, and FSA


• Annual $750 vacation stipend and $500 happiness stipend


• Flexible time off policy


• Career growth opportunities

** Within the range, individual compensation will be determined through a wide variety of factors including but not limited to education, experience, knowledge, and skills. Please note that the compensation range listed reflects the base salary only, and does not include incentive target, equity, or benefits.”

What you get to do every day

• Foster and enable a secure by default culture. Devise and bolster defense-in-depth through secure-by-default frameworks, architectures and processes.


• Partner with the company’s Product team, Software Engineering team, DevOps, and Services teams to help deliver secure products and services for our patients and doctors.


• Perform security risk assessments, adhoc penetration security testing, threat modeling, and develop/conduct education on secure coding.


• Manually review the source code to get a deep understanding of our products.


• Develop security requirements, collaborate with teams to enable these requirements for building secure applications and services.


• Design solutions and processes to identify, resolve and mitigate security vulnerabilities and risks.


• Research threats and attack vectors that impact Thirty Madison’s applications and infrastructure.

What you bring to the role

• Strong ability to practically prioritize based on security risks than vulnerabilities.


• Ability to work with product managers and product teams and service teams rather than just engineers. The individual should deeply care about the products and their functionality.


• Person who can drive a product security roadmap with collaboration with other teams.


• Experience with microservice architectures, preferred experience with EKS.


• Someone who is not just talking about SAST, DAST, SBOM tooling but has been in scenarios that requires rolling up the sleeves and getting to know the code and can come up with a deep understanding of our source code.


• They must have an ability to code to automate tedious tasks.


• Needs to be able to code, build frameworks, or services that solve security challenges in our products.


• Strong collaboration skills with the wider security team and engineering at Thirty Madison