About the RoleWe're hiring a Senior Software Engineer, Security to own application security across our product platform - APIs, integrations, payments infrastructure, and the developer ecosystem built on top of our Synchronizer.
This is a hands-on engineering role, not a compliance or audit function. You'll write code, design secure systems, review architecture, and embed security into the way we build - working directly alongside product engineering teams from the earliest stages of design. Data is at the center of everything we do, which means the security bar here is high and the work is meaningful. Moreover as a health tech company, we have the highest levels of responsibility towards safeguarding patient and customer data across all the facilities and services NexHealth provides.
You'll report to engineering leadership and work closely with both product and platform teams.
What You'll Do- Design and build secure systems across our APIs, EHR integrations, payments infrastructure, and SaaS products
- Lead threat modeling and security design reviews for new features - embedded in the development process, not bolted on at the end
- Identify and remediate vulnerabilities in application code, dependencies, and infrastructure
- Improve authentication, authorization, and access control systems across our platform (OAuth, RBAC, service-to-service auth)
- Integrate and maintain security tooling in our CI/CD pipelines - SAST, DAST, dependency scanning
- Contribute to secure coding standards, internal libraries, and developer-facing security frameworks
- Support HIPAA and SOC 2 compliance through strong system design and documentation
- Help raise the security bar across the engineering org through code reviews, education, and pairing with developers
What You'll Bring- 5+ years of software engineering experience, with 1-3+ years focused on application or product security
- Experience building and securing backend systems in Python, Go, Java, or similar languages
- Solid understanding of common vulnerabilities and mitigations (OWASP Top 10 and beyond)
- Hands-on experience securing APIs and implementing authentication/authorization systems (OAuth 2.0, JWT, RBAC)
- Experience working in cloud environments - we run on AWS and Google Cloud
- Familiarity with security tooling: SAST, DAST, dependency scanning
- Bachelor's degree in Computer Science, Engineering, or equivalent practical experience
CompensationActual salaries will vary depending on factors including but not limited to location, experience, and performance. The range listed is just the base salary component of NexHealth's total compensation package for employees. Other benefits may include stock options, an unlimited paid time off policy, and up to 100% coverage on medical, vision and dental insurance.
NexHealth Compensation Range
$165,000-$230,000 USD
Benefits- Full Medical, Dental, and Vision (up to 100% covered)
- 401K and commuter benefits
- Flexible PTO
- High-impact work that directly improves the healthcare experience for millions
