Staff Security Engineer

Position Summary

Leagues security engineering teams are responsible for scaling security in the development lifecycle and vulnerability management. We believe in security by design and follow a paved road philosophy by building or buying tools that we can integrate into our platform to ultimately make it easier for our engineers to do the right thing. Security is everyones responsibility but security engineering is how we make it possible for engineers to ship high quality code to production several times per day with security baked in.

As a Staff Security Engineer at League you will be a principal technical leader helping to set the long-term security architecture and strategy across our entire platform infrastructure and engineering organization.

You will move beyond incremental improvement to solve the highest-impact most ambiguous and most foundational security problems. You will define the paved road by designing common security components frameworks and reference architectures that make it nearly impossible for engineers to ship insecure code. You are expected to not only execute but also to help define the technical strategy for scaling security by design across a high-growth health tech environment. This role has system-level impact driving security and compliance controls directly into the foundational fabric of Leagues technology

About the Role

• Architectural Leadership: Help define and champion the long-term technical security roadmap architecture patterns and standards for Leagues applications infrastructure and multi-cloud environment.
• Cross-Functional Strategy: Act as the primary security technical partner and consultant to Platform Product and executive leadership driving alignment on multi-quarter security initiatives.
• Security Design Governance: Lead high-stakes complex security design and architecture reviews (STRIDE/threat modeling) for new services and core platformmigrations ensuring all foundational systems meet strict health data compliance requirements.
• Risk & Vulnerability Strategy: Design implement and automate organization-wide frameworks for continuous vulnerability management and detection moving beyond manual triage to scalable remediation systems.
• Due Diligence Expertise: Architect the security due diligence program for critical third-party vendors and partnerships that handle sensitive customer data setting non-negotiable architectural requirements.
• Mentorship & Elevation: Actively mentor Senior and mid-level security engineers fostering a culture of security architecture excellence and technical leadership within the team and across the organization.

About You

• 8 years of progressive experience in security engineering with at least 2 years operating at the Senior or Principal Engineer level.
• Deep expertise in cloud security architecture (AWS GCP or Azure) focusing on securing containerization (Kubernetes) cloud IAM and infrastructure as code (Terraform).
• Proven track record of successfully leading and delivering large-scale cross-organizational security initiatives from concept through production deployment.
• Ability to write secure production-grade code in languages like Python Go Java or TypeScript to build automation tools and scalable security services.
• Demonstrates experience designing and implementing controls and architectural mandates to achieve and maintain compliance with HIPAA or HITRUST.
• Mastery of application security including secure development lifecycle (SDLC) integration authentication/authorization protocols (OAuth OIDC) and common attack vectors.

Security-Related Responsibilities

• Ensure access management is performed in compliance with the employees role and responsibilities
• Responsibility and accountability for executing Leagues policies and procedures within the department/ team
• Notification of HR Legal Compliance & Security of any incidents breaches or policy violations
• Compliance with Information Security Policies

• You should receive a confirmation email after submitting your application.
• A recruiter (not a computer) reviews all applications at League.
• If we see alignment with Leagues needs a recruiter will reach out to learn more about your goals. The recruiter will also share the team-specific interview process depending on the roles you are exploring.
• The final step is an offer which we hope you will accept!
• Prior to joining us we conduct reference and background checks. Additional checks could be required for US Candidates depending on the role you are exploring.