Senior Software Security Engineer

Position Summary

League is seeking a Software Security Engineer to join our Security Engineering org and focus full-time on building internal security tooling and security-by-design engineering capabilities across our healthcare platform ecosystem.

This is a highly hands-on software engineering role focused on developing custom security infrastructure developer security tooling and automation systems that strengthen Leagues platform security posture at scale. You will work closely with Security Platform Engineering Infrastructure and Product Engineering teams to build tools and workflows that improve secure software delivery automate security operations and protect sensitive healthcare and member data.

This is not a governance audit or advisory-only role. We are looking for an engineer who writes production-quality code builds scalable systems and applies strong software engineering principles to solve complex security challenges in a modern cloud-native environment.

As League continues scaling AI-native healthcare experiences and enterprise platform capabilities security engineering plays a critical role in ensuring our systems remain secure resilient compliant and developer-friendly.

What You will do:

Security Tooling & Platform Engineering

• Design build and maintain custom internal security tooling used across Leagues engineering organization

• Develop automation systems that improve application security secrets management identity management and secure software delivery workflows

• Build developer-friendly security tooling integrated into CI/CD pipelines and internal engineering platforms

• Create scalable systems for vulnerability detection remediation automation policy enforcement and security telemetry collection

Secure Software Development

• Write secure maintainable production-quality code across backend services APIs and cloud-native systems

• Develop security services and APIs supporting authentication authorization secrets management and access governance

• Build and maintain tooling around OAuth/OIDC flows token lifecycle management RBAC service authentication and secure session handling

• Improve secure-by-default engineering practices across Leagues platform ecosystem

Cloud & Infrastructure Security

• Build and automate cloud security controls across AWS GCP and Kubernetes environments

• Develop tooling for infrastructure security workload identity encryption management and runtime protection

• Partner with Platform Engineering teams to strengthen container security Kubernetes security posture and infrastructure hardening

• Improve observability and monitoring for security events anomalous behavior and operational risk

AI & Security Innovation

• Build security capabilities that support AI-native engineering workflows and AI-powered healthcare experiences

• Evaluate emerging AI-assisted security tooling and identify opportunities to improve engineering productivity and platform protection

• Develop secure workflows and controls around AI-enabled systems and sensitive healthcare data usage

Cross-Functional Collaboration

• Partner closely with Security Infrastructure Platform Engineering Compliance and Product Engineering teams to drive secure engineering practices

• Translate security concepts into practical engineering solutions that improve developer experience and operational efficiency

• Support security incident response root cause analysis and remediation efforts when required

What You Bring

• 5 years of software engineering experience with strong focus on security engineering platform engineering or infrastructure security.
• Experience building internal engineering or security tooling in cloud-native production environments.
• Strong hands-on backend engineering experience building APIs services and automation systems.
• Experience implementing secure authentication and authorization systems in production applications.
• Experience working in regulated or high-trust environments such as healthcare fintech or enterprise SaaS is strongly preferred.
• Experience integrating security tooling into CI/CD pipelines and developer workflows.
• Experience working with Kubernetes and distributed systems in production environments.
• Experience working with AI-enabled systems AI-assisted engineering workflows or LLM-based applications is considered a strong asset.

• Use AI tools as part of your daily workflow to enhance productivity problem-solving and decision-making (e.g. drafting analysis coding research or process automation)
• Apply judgment and accountability when using AI by reviewing outputs for accuracy bias and quality before use
• Continuously learn and adapt as new AI tools and capabilities emerge incorporating them into your ways of working
• Identify opportunities to improve how work gets done from personal productivity to team-level workflows by leveraging AI effectively
• Operate with strong data responsibility and security awareness especially when working with sensitive or regulated information

• Individual Contributors: Use AI to improve personal productivity and quality of output
• Senior ICs / Managers: Integrate AI into team workflows and improve processes
• Leaders: Drive AI adoption at the organizational level and shape how work is done across teams

• Demonstrated experience using AI tools in a practical responsible way
• Curiosity and openness to experimenting with new technologies
• Ability to balance efficiency with quality and sound judgment

Security-Related Responsibilities

• Ensure access management is performed in compliance with the employees role and responsibilities
• Responsibility and accountability for executing Leagues policies and procedures within the department/ team
• Notification of HR Legal Compliance & Security of any incidents breaches or policy violations
• Compliance with Information Security Policies

• You should receive a confirmation email after submitting your application.
• A recruiter (not a computer) reviews all applications at League.
• If we see alignment with Leagues needs a recruiter will reach out to learn more about your goals. The recruiter will also share the team-specific interview process depending on the roles you are exploring.
• The final step is an offer which we hope you will accept!
• Prior to joining us we conduct reference and background checks. Additional checks could be required for US Candidates depending on the role you are exploring.