Application Security Engineer

Reimagine the infrastructure of cancer care within a community that values integrity, inspires growth, and is uniquely positioned to create a more modern, connected oncology ecosystem.
We're looking for a Security Engineer to join our Security Assessment team to help us accomplish our mission to improve and extend lives by learning from the experience of every person with cancer. In this role, you will be a key contributor to our vulnerability management program, ensuring the security and integrity of our tools across the entire organization.
What You'll Do
In this role you will report into the Security Assessment Team and will be a central part of the larger Information Security organization that works to keep our patient data and applications secure. Our team protects against threats to our business because we care about our patients and their quality of life. You'll work across various security specialties to automate and optimize current workflows, as well as create novel solutions to industry problems. In addition you will:

• Lead vulnerability management efforts across all domains, including application security (SAST and SCA) and cloud infrastructure (Infrastructure and IAM).
• Coordinate between a variety of teams and stakeholders to prioritize and remediate security findings, effectively managing conflicting priorities to make meaningful changes in our environment.
• Perform expert triaging of security tools results and penetration test findings to identify and escalate critical risks.
• Analyze vulnerability data and provide recommendations for continuous optimization of our security posture and assessment workflows.
• Advocate for security by teaching engineers and stakeholders how to integrate security into their daily workflows.
• Collaborate cross-functionally by working closely with engineering and DevOps teams to reduce friction and integrate security into development processes.
• Creatively think out of the box to identify and design improvements and automation in our team processes.

Who You Are
You're a kind, passionate, and collaborative problem-solver who values the opportunity to think beyond the way things are. You are an empathetic communicator who understands the impact of your work on both technical teams and the broader mission.

• You have at least 2-4 years of experience in security engineering or vulnerability management.
• You have a proven track record of coordinating between diverse teams with conflicting priorities to achieve successful outcomes.
• You possess excellent interpersonal communication skills and the ability to navigate complex organizational structures.
• You have a strong foundation in application security (web security, SAST, SCA) and a general knowledge of cloud architectures and deployment processes.
• You are able to deal with the ambiguity associated with working in a fast-paced and changing environment.

Extra Credit

• You have hands-on experience in software development (e.g., Python, Go, or C#/.NET).
• You have deep experience securing complex IAM policies and cloud-native infrastructure.

Where You Will Work
In this hybrid role, you'll have a defined work location that includes work from home and 3 office days set by you and your team. For more information on our approach to hybrid work, please visit the how we work website.
Life at Flatiron
At Flatiron Health, we offer a full range of benefits to support you and your loved ones so you can focus your working hours on improving cancer care and accelerating cancer research, and your non-working hours on everything else life has to offer:

• Work/life autonomy via flexible work hours and flexible paid time off
• Comprehensive compensation package
• 401(k) contribution to help you reach your retirement planning goals
• Financial health resources including 1:1 financial advice
• Mental well-being tools and services
• Parental benefits and policies including family-building care and generous leave
• Path to parenthood programs supporting fertility, adoption and surrogacy
• Travel support for safe healthcare services

In addition to our robust benefit offerings, visit our Life at Flatiron page to learn how we support continuous learning and celebrate inclusion and belonging in the workplace.
Preferred Primary Location: NY office
The annual pay range reflected above for this position is based on the preferred primary location of the role which is listed in the job description. Salary ranges for other locations vary from the range reflected above. Base pay offered may vary depending on job-related knowledge, skills, and experience. An annual bonus and equity may be provided as part of the compensation package, in addition to a full range of medical, financial, and/or other benefits, dependent on the position offered.