Staff Security Engineer

at Pomelo Care
  • $200k-$220k
  • Remote - United States

Remote

Cybersecurity

Mid-level

Job description

About us

Pomelo Care is a multi-disciplinary team of clinicians, engineers and problem solvers who are passionate about improving care for moms and babies. We are transforming outcomes for pregnant people and babies with evidence-based pregnancy and newborn care at scale. Our technology-driven care platform enables us to engage patients early, conduct individualized risk assessments for poor pregnancy outcomes, and deliver coordinated, personalized virtual care throughout pregnancy, NICU stays, and the first postpartum year. We measure ourselves by reductions in preterm births, NICU admissions, c-sections and maternal mortality; we improve outcomes and reduce healthcare spend.

What you’ll do

Pomelo Care is seeking an experienced cybersecurity engineer to mature our security practices and contribute to our mission to ensure that our patients, clinicians and partners trust us implicitly. This is an exciting opportunity for someone who shares our commitment to information security to be part of a fast-paced environment that will push you to learn while doing.

As a Staff Security Engineer at Pomelo Care, you’ll be a key player in shaping our security posture, safeguarding sensitive healthcare data and enabling our engineering teams to build secure and compliant products. This role requires a versatile generalist with deep technical expertise, excellent software engineering fundamentals and the agility to thrive in a startup environment.

Key responsibilities will include:

  • Lead and execute critical cybersecurity initiatives, spanning areas like IAM/RBAC, Application Security, Cloud Security, Endpoint Security, CI/CD and supply chain security, SAST/DAST tooling, penetration testing, bug bounty management, Incident Response, DFIR and SaaS security.
  • Develop and implement security solutions and frameworks that proactively mitigate risks and address evolving threats.
  • Collaborate cross-functionally with engineering, product, compliance and executive teams to drive adoption of security best practices.
  • Own and continuously improve secure software development lifecycle (SDLC) processes and tools.
  • Serve as a subject matter expert and mentor, guiding and educating teams on cybersecurity principles, secure coding and threat modeling.
  • Participate directly in incident response activities, investigations and post-incident analysis.
  • Demonstrate humility, entrepreneurial spirit, strong communication skills and comfort contributing to a dynamic, cross-functional environment.

Who you are

  • 10+ years of hands-on experience in cybersecurity with a robust software engineering foundation.
  • Direct hands-on expertise in at least 2-3 key security areas (IAM, Application Security, Cloud Security, CI/CD security, Incident Response, etc.).
  • Curiosity and openness to learn new cybersecurity domains that may not be familiar.
  • Direct experience working in some parts of the full technology stack including Google Cloud Platform (GCP), Kotlin, React/Next.js, Swift, Expo, XCode, Android Studio, yarn, npm, Code Build, among others.
  • Previous cybersecurity experience within healthcare environments and startups, demonstrating familiarity with regulatory frameworks (e.g., HIPAA) and supporting security certifications such as SOC 2 Type 2 and HITRUST.
  • Strong technical background including full stack software development, system architecture and security fundamentals such as PKI, SAML, JWT, HMAC as well as MITRE ATT&CK and D3FEND frameworks and OWASP top ten mitigations.
  • Proven ability to thrive in agile environments, adapting quickly and wearing multiple hats to help scale security programs.
  • Strong problem-solving skills, excellent communication abilities, and a collaborative mindset.
  • Relevant industry certifications (e.g., CISSP, CISM, CCSP) are highly desirable. OSCP is a big plus.
  • Exceptional communication skills and the ability to convey complex security concepts to non-technical stakeholders.

This role plays a pivotal part in fortifying Pomelo Care’s security foundation, ensuring the confidentiality, integrity and availability of our information assets. If you are a seasoned security professional, we invite you to join our dynamic team and contribute to our ongoing commitment to information security excellence.

Why you should join our team

By joining Pomelo, you will get in on the ground floor of a fast-moving, well-funded, and mission-driven startup that always puts the patient first. You will learn, grow and be challenged – and have fun with your team while doing it.

We strive to create an environment where employees from all backgrounds are respected. We also offer:

  • Competitive healthcare benefits
  • Generous equity compensation
  • Unlimited vacation
  • Membership in the First Round Network (a curated and confidential community with events, guides, thousands of Q&A questions, and opportunities for 1-1 mentorship)

At Pomelo, we are committed to hiring the best team to improve outcomes for all mothers and babies, regardless of their background. We need diverse perspectives to reflect the diversity of problems we face and the population we serve. We look to hire people from a variety of backgrounds, including but not limited to race, age, sexual orientation, gender identity and expression, national origin, religion, disability, and veteran status.

Our salary ranges are based on paying competitively for our company’s size and industry, and are one part of the total compensation package that also includes equity, benefits, and other opportunities at Pomelo Care. In accordance with New York City, Colorado, California, and other applicable laws, Pomelo Care is required to provide a reasonable estimate of the compensation range for this role. Individual pay decisions are ultimately based on a number of factors, including qualifications for the role, experience level, skillset, geography, and balancing internal equity. Given that this role is open to candidates of different skill levels, determining a salary range is challenging. A reasonable estimate of the current salary range is $200,000 to $220,000. We expect most candidates to fall in the middle of the range.

#LI-Remote

Share this job:
Please let Pomelo Care know you found this job on Remote First Jobs 🙏

Similar Remote Jobs

Latest Jobs at Pomelo Care

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply