Head of Security Engineering

Responsibilities

• Scale and lead a security engineering organization by hiring and managing a team covering Risk, Compliance, Threat Management, and Product Security
• Build and own the security roadmap to transition the company toward an enterprise-grade security posture
• Drive security prioritization at the leadership level, advising the executive team on risk mitigation strategies
• Lead trust and transparency efforts by overseeing rituals associated with HIPAA, SOC2, SOC1, PCI, and HITRUST
• Act as a security evangelist to promote a security-first culture across all departments
• Manage third-party relationships, including penetration testing vendors and reviewing vendor security for integrations

Requirements

• 10+ years of experience in security engineering
• Proven track record of building and leading teams in startup or scaled environments
• Expertise in security compliance rituals and driving organizational outcomes
• Strong knowledge of HIPAA and handling sensitive information
• Ability to audit systems, networks, and IT setups
• Experience managing complex technical surface areas and high-stakes security challenges

About the Company

Candid Health is building the infrastructure to modernize healthcare billing. We are a security-first, compliant organization dedicated to protecting customer data and ensuring data integrity for our patients and partners. We value humility, truth-seeking, and a relentless focus on customer outcomes.