Senior Application Security Engineer
$130,000–$160,000 year
Remote · United States
Job Summary
Senior Application Security Engineer at Fabric Health responsible for owning the application security practice, embedding security across the SDLC, and building tooling/automation to protect PHI and ensure HIPAA, SOC 2, and HITRUST compliance. Role involves secure development with Ruby on Rails, Python, React, and Node.js; threat modeling and application penetration testing; implementing SAST/DAST within CI/CD; leading security training and incident response; and collaborating closely with engineering to drive remediation while balancing fast delivery. Bonus focus on healthcare security (PHI/EHR integration) and security certifications.
Required Qualifications
- 5+ years of experience in application security with hands-on experience in security assessments, penetration testing, and secure code review
- Proficiency in at least one language in Fabric's stack: Ruby, Python, JavaScript/TypeScript, or similar
- Experience integrating SAST and DAST tooling into CI/CD pipelines
- Deep understanding of the OWASP Top 10 and common application vulnerabilities
- Experience with threat modeling methodologies
- Familiarity with cloud security in AWS environments
- Understanding of HIPAA or other regulated industry security requirements
Apply with one swipe on Sorce. We auto-fill applications and apply on your behalf — no cover letters, no 40-minute forms.
Hiring someone like this?
Get your role in front of qualified candidates on Sorce.