Hinge Health · 1 day ago
Senior Security Engineer, Apps
Hinge Health is a company that leverages software, including AI, to automate care for joint and muscle health. They are seeking a Senior Security Engineer to join their Application Security team, responsible for integrating security within the Software Development Life Cycle and collaborating with product and engineering teams to ensure secure application development.
Health Care · Medical · Therapeutics
Responsibilities
Implement and maintain automated security scanning tools (SCA, SAST, DAST) and perform manual and AI-assisted security assessments, including source code review, to identify and remediate vulnerabilities in Hinge Health web applications, mobile applications, and API endpoints
Enable the product teams to create secure-by-design product features and services by working alongside product managers and engineers during the design phase of projects, including Generative AI projects
Assist with third-party security assessments and penetration tests of Hinge Health web applications, API endpoints, and mobile applications, including interpretation of results and verification of remediations
Contribute to the improvement of Software Development Life Cycle management policies, procedures, and standards
Qualifications
Required
3+ years of experience in application security, product security, or related security engineering roles
Experience securing web applications, mobile applications (iOS/Android), or API endpoints
Experience with automated security testing, including configuring and automating security scans as part of the CI/CD process, interpreting the results, and working directly with engineers on prioritization and remediation
Experience in examining source code in multiple languages to evaluate security controls and identify common coding and design vulnerabilities. Experience with OWASP Top 10 and other common security flaw patterns
Demonstrated ability to collaborate with engineering and product teams to address security concerns
Preferred
Experience securing applications in health care, including securing ePHI and working with HIPAA/HITECH regulations
Experience with modern authentication and authorization technologies including OAuth 2.0, OIDC, SAML, JWT validation, SSO integrations, MFA/OTP implementations, API tokens, and identity platforms such as Auth0 or Okta. Understanding of session management, refresh tokens, and secure authentication flows for B2C, B2B, and M2M use cases
Experience assessing the security and safety of Generative AI LLM solutions and in evaluating and implementing solutions for their continuous monitoring
Familiarity with HITRUST CSF and NIST control frameworks
Experience in Threat Modeling
Experience performing security assessments and secure design of hardware and firmware of medical devices communicating over Bluetooth
Experience with any of the following: deploying web-based services on AWS infrastructure, Kubernetes, TypeScript, React Native, Python, Go, Ruby on Rails, GraphQL, IaC using Terraform
Incident Handling: Be able to work as a subject matter expert in the security controls, internal communications, and infrastructure of Hinge Health applications during security incidents
Benefits
Inclusive healthcare and benefits: On top of comprehensive medical, dental, and vision coverage, we offer employees and their family members help with gender-affirming care, tools for family and fertility planning, and travel reimbursements if healthcare isn’t available where you live.
Planning for the future: Start saving for the future with our traditional or Roth 401k retirement plan options which include a 2% company match.
Modern life stipends: Manage your own learning and development
Company
Hinge Health
Hinge Health is a digital clinic for joint and muscle care, pelvic pain, and bowel and bladder control.
H1B Sponsorship
Hinge Health has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships
2025 (32)
2024 (18)
2023 (9)
2022 (17)
2021 (13)
2020 (7)
Funding
Current Stage: Public Company
Total Funding: $1.03B
Key Investors: Bessemer Venture Partners, Insight Partners, Atomico
2025-05-22: IPO
2021-10-28: Series E · $400M
2021-10-28: Secondary Market · $200M
Company data provided by crunchbase