Staff Engineer, Security

Grow Therapy is on a mission to serve as the trusted partner for therapists growing their practice, and patients accessing high-quality care. Powered by technology, we are a three-sided marketplace that empowers providers, augments insurance payors, and serves patients. Following the mass increase in depression and anxiety, the need for accessibility is more important than ever. To make our vision for mental healthcare a reality, we’re building a team of entrepreneurs and mission-driven go-getters. Since launching in February 2021, we’ve empowered more than ten thousand therapists and hundreds of thousands of clients across the country and insurance landscape. We’ve raised more than $328Mm in funding, including our Series D, at a $3B valuation from Sequoia Capital, Transformation Capital, TCV, SignalFire, Menlo Ventures, Goldman Sachs Alternatives, and others.

We're looking for a Staff Security Engineer to serve as the technical backbone of our Security Engineering function at Grow Therapy. You'll be the most senior hands-on engineer on the Security team — equal parts strategist and builder — responsible for shaping and executing a multi-year Security roadmap that protects our customers, enables our engineering organization, and helps Grow scale with trust at its core. Reporting into the Head of Security and collaborating closely with our VP of Engineering, you'll work across Product, Platform, Cloud, Compliance, Clinical, and beyond. This isn't a siloed security role: it's an opportunity to architect the secure-by-default foundation that every team at Grow builds on — and to influence how security culture is practiced, democratized, and celebrated across the company.

• Define and drive the Security Engineering North Star. Lead the development of a consolidated, multi-year Security Engineering vision — conducting gap analyses, aligning with key stakeholders, and translating strategy into an executable roadmap that teams across the organization can rally behind.

• Lead the charge on AI-native Security: Security sits within Grow’s Internal Foundations pillar, which is building company-wide infrastructure to support AI adoption. We build AI tools Security, Engineering, and the company at large. You’ll be in an incredible position to influence safe and thoughtful adoption of AI tooling at the enterprise level.

• Build secure-by-default infrastructure. Design, build, and roll out foundational security services — including unified authentication, authorization, audit logging, and egress control — so that engineering teams can build fast without compromising on security.

• Own data security at scale. Drive systematic data tagging across Grow's production data models, aligning with our Data Classification Policy to ensure every datastore is compliant with security controls and observable by the teams who own it.

• Champion security visibility and accountability. Build company-wide security scorecards so every team has a clear, real-time view of their security posture — turning security from a periodic audit into a continuous, embedded practice.

• Enable and empower the engineering organization. Partner deeply with engineering, platform, and product teams to deliver high-leverage, secure-by-default services — reducing the burden on individual teams while raising the security floor across Grow. Drive automated Least Privilege and systematic Vulnerability Management as org-wide capabilities.

• You bring deep, multi-domain security expertise — you've operated meaningfully across Product Security, Cloud Security, Data Security, Access Governance, and/or Detection & Response, and you know how to connect the dots between them.

• You have recent, hands-on engineering experience — you're comfortable writing code, contributing to security infrastructure, and doing system design reviews, not just advising from the sidelines.

• You've built security programs at scale — you've designed and shipped org-wide processes like Security Review, Secure Design, Security Champions, and Security Metrics Reporting at a previous company.

• You're a clear, compelling communicator — you can present security strategy and risk to non-technical audiences (including executives and clinical stakeholders) with precision, empathy, and confidence.

• You're energized by ownership and ambiguity — you thrive when given a blank canvas, know how to prioritize ruthlessly, and can move fluidly between long-term vision and near-term execution.

Full Time Employee Benefits:

• Comprehensive Health Coverage: Medical, dental, and vision insurance, plus life and disability coverage.

• Parental Leave & Family Support: Up to 18 weeks paid leave and a new child stipend.

• Financial Wellness: 401(k) program and equity opportunities.

• Meals & Home Office Support: Stipends for home office setup and ongoing funds for meals, with tailored perks for both remote and in-office employees.

• Time Off to Recharge: Flexible PTO, 12 paid holidays, and a full winter break week.

• Wellness & Development: Annual stipends to put towards personal & professional growth.

• Mental & Physical Health Support: No-cost access to therapy through the Grow platform, weekly flexible hours for self-care (“Mental Health Mornings/Afternoons”) and memberships to leading wellness apps (such as One Medical, Headspace, and Talkspace).

• Extra Perks: Pet insurance discounts, commuter benefits, and global travel assistance.

Research shows that some groups hesitate to apply unless they meet every qualification. If you’re excited about this role but don’t check every box, we encourage you to apply. At Grow, we value diverse experiences, transferable skills, and the unique strengths each person brings.

Grow Therapy is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.

Use of AI Tools: By submitting your application, you acknowledge and consent to the use of automated tools as part of our recruitment process. Specifically, we use a third-party AI tool, Gem, to assist in the initial screening of resumes. This tool analyzes resumes based on role-specific criteria provided by our recruiters to identify potentially strong matches for the role. Importantly, no hiring decisions are made by the AI tool. All decisions about which candidates move forward are made by our human recruiting team after independent review.More information about Gem’s approach to compliance with California FEHA regulations on automated decision systems and New York Local Law 144 can be found on the Gem compliance website.We are committed to transparency and fairness in our hiring practices. If you have questions about how our AI tools work, or would like more information about how your application will be processed, please contact us at [email protected]. If you require an accommodation due to a disability, or have concerns about the use of AI in the hiring process, please also contact us. We are happy to provide assistance or offer an alternative method of participating in the recruitment process.