Staff Security Engineer

Maven is the world's largest virtual clinic for women and families on a mission to make healthcare work for all of us. Maven's award-winning digital programs provide clinical, emotional, and financial support all in one platform, spanning fertility & family building, maternity & newborn care, parenting & pediatrics, and menopause & midlife. More than 2,000 employers and health plans trust Maven's end-to-end platform to improve clinical outcomes, reduce healthcare costs, and provide equity in benefits programs. Recognized for innovation and industry leadership, Maven has been named to the Time 100 Most Influential Companies, CNBC Disruptor 50, Fast Company Most Innovative Companies, and FORTUNE Best Places to Work. Founded in 2014 by CEO Kate Ryder, Maven has raised more than $425 million in funding from top healthcare and technology investors including General Catalyst, Sequoia, Dragoneer Investment Group, Oak HC/FT, StepStone Group, Icon Ventures, and Lux Capital. To learn more about Maven, visit us at mavenclinic.com.

An award-winning culture working towards an important mission –  Maven Clinic is a recipient of over 30 workplace and innovation awards, including:

Fortune Change the World (2024)

CNBC Disruptor 50 List (2022, 2023, 2024)

Fortune Best Workplaces for Millennials (2024)

Fortune Best Workplaces in Health Care (2024)

TIME 100 Most Influential Companies (2023)

Fast Company Most Innovative Companies (2020, 2023)

Built In Best Places to Work (2023)

Fortune Best Workplaces NY (2020, 2021, 2022, 2023, 2024)

Great Place to Work certified (2020, 2021, 2022, 2023, 2024)

Fast Company Best Workplaces for Innovators (2022)

Built In LGBTQIA+ Advocacy Award (2022)

What You’ll Do

Security Platform Engineering

Design and implement scalable infrastructure supporting HIPAA, SOC 2, and ISO 27001 compliance

Build and maintain systems for identity, authentication, and access management (Okta / GCP IAM / Auth0/ OPA)

Implement observability and anomaly detection across microservices, data stores, and SaaS platforms

Establish Zero Trust principles and enforce least-privilege access company-wide

Develop compliance observability dashboards and automated evidence collection

Security Automation & Tooling

Create self-service security tools that integrate with developer workflows (GitLab CI/CD, Terraform)

Automate onboarding/offboarding, access reviews, and approvals

Integrate software-supply-chain security (SBOM, dependency scanning)

Develop or adopt AI-assisted security tooling to proactively identify risks

Automate policy enforcement, SAST/DAST scans, and compliance verification

Application & Data Security

Lead threat modeling and security architecture reviews for new products and services

Partner with product and data teams to embed secure-by-default design patterns

Ensure encryption, access tracking, and secure data handling across PHI workflows

Contribute to incident response, post-mortems, and continual improvement of security posture

Leadership & Collaboration

Act as Maven’s technical authority for security engineering

Mentor peers and promote secure coding and architecture practices

Partner cross-functionally (Engineering, Compliance, Clinical, Legal) to align on security strategy

Champion an engineering culture of transparency, accountability, and continuous improvement

What You’ll Bring

Required

8+ years of software engineering experience, including 3+ in security infrastructure or application security

Proven ability to design and implement large-scale, distributed, cloud-native systems

Strong coding proficiency in Python, TypeScript, Go and/or Rust

Deep understanding of cloud security (GCP preferred; AWS/Azure welcome)

Experience With Kubernetes, Containers, And Infrastructure-as-code (terraform)

Familiarity with security testing frameworks and secure SDLC principles

Excellent communication and documentation skills

Preferred

Expertise in Zero Trust architectures, authentication/authorization frameworks, and data-loss prevention

Experience With Security Compliance Automation (soc 2, Iso 27001, Pci-dss, Nist)

Background in data security telemetry and threat detection

Familiarity with AI/ML security and AI-assisted analysis tools

Exposure to supply-chain security and CI/CD pipeline hardening

Certifications (cissp, Gcp Professional Cloud Security Engineer, Oscp) A Plus

What Makes You A Great Fit

You take a pragmatic, automation-first approach to solving security problems

You balance rigor with velocity, enabling teams to move quickly without compromising trust

You communicate clearly with both technical and non-technical stakeholders

You’re curious, adaptable, and eager to lead initiatives from concept to production

You care deeply about our mission—building safer, smarter healthcare for women and families

The base salary range for this role is $221,000 - $260,000 per year. You will also be entitled to receive equity and benefits. Individual pay decisions are based on a number of factors, including qualifications for the role, experience level, and skillset.

Maven embraces a flexible hybrid work model. Our teams primarily operate from the New York Metropolitan area, NY, and remotely via San Francisco/Bay Area, CA, Seattle, WA, Boston, MA, Chicago, IL, and Washington, D.C. For those in our New York City office, we encourage in-person collaboration by requiring team members to work onsite three days a week  (Tuesday, Wednesday, Thursday). For those based in San Francisco/Bay Area, CA, Seattle, WA, Boston, MA, Chicago, IL, and Washington, D.C., we encourage in-person collaboration by requiring team members to attend quarterly Work Together Days within these cities. This policy aims to balance remote work flexibility with the benefits of face-to-face interaction.

At Maven we believe that a diverse set of backgrounds and experiences enrich our teams and allow us to achieve above and beyond our goals. If you do not have experience in all of the areas detailed above, we hope that you will share your unique background with us in your application and how it can be additive to our teams.

Benefits That Work For You

Our benefits are designed to support your health, well-being and career development, helping you thrive both personally and professionally. We remain focused on providing a competitive benefits package for our employees. On top of standards such as employer-covered health, dental, and insurance plan options, we offer an inclusive approach to benefits:

Maven for Mavens: access to the full platform and specialists, including care for mental health, reproductive health, family planning and pediatrics.

Whole-self care through wellness partnerships

Hybrid Work, In Office Meals, And Work Together Days

16 weeks 100% paid parental leave and new parent stipend (for Mavens who've been with us for 1 year+)

Annual professional development stipend and access to a personal career coach through Maven for Mavens

401K matching for US-based employees, with immediate vesting

These benefits are applicable to Maven Clinic Co., US-based, full-time employees only. 1099/Contract Providers are ineligible for these benefits.

Maven is an affirmative action and equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, veteran status, or genetic information. Maven is committed to providing access, equal opportunity and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. Maven Clinic interview requests and job offers only originate from an @mavenclinic.com email address (e.g jsmith@mavenclinic.com). Maven Clinic will never ask for sensitive information to be delivered over email or phone.

If you receive a scam issue or a security issue involving Maven Clinic please notify us at:

security@mavenclinic.com

.

For general and additional inquiries, please contact us at

careers@mavenclinic.com

.