Senior Security Software Engineer

Headway’s mission is a big one - to build a new mental health care system everyone can access. We’ve built technology that helps people find great therapists with the first software-enabled national network of providers accepting insurance. 1 in 4 people in the US have a treatable mental health condition, but the majority of providers don’t accept insurance, making therapy too expensive for most people. Headway is building a new mental healthcare system that everyone can access by making it easy for therapists to take insurance and scale their practice. Headway was founded in 2019 – since then, we’ve grown into a diverse, national network of over 30,000 mental healthcare providers across all 50 states who run their practice on our software. We’re a Series C company with over $225m in funding from a16z (Andreessen Horowitz), Accel, GV (formerly Google Ventures), Spark Capital, Thrive Capital, and Health Care Service Corporation.We want your time here to be the most meaningful experience of your career. Join us, and help change mental healthcare for the better.About the roleAs a member of Headway’s founding Security Engineering team, you’ll have the unique opportunity to be the builder and driver of our dedicated, in-house Security engineering efforts. In this role, you will partner with our Lead Security Engineer and Head of Infrastructure to design our next-generation security program, touching all aspects of Headway’s business and systems. You will both technically and organizationally execute security projects ranging from practice changes to technical architecture to security infrastructure development to penetration testing. We're looking for security-focused engineers with software engineering experience who are excited to tackle security challenges in partnership with our core product teams. Tools we use: Cloud security: LaceworkLanguages: Python 3, TypeScriptLibraries: FastAPI, SQLAlchemy, ReactDatastores: Postgres, RedisInfrastructure: AWS (Fargate, ECS, S3, and more), Spark and KafkaMonitoring: Datadog, PagerDutyVersion control: GithubVulnerability Management: Snyk, Semgrep Projects we’re working on:There is a lot that we're building at Headway, but here are a few projects to give you an idea of the problems we're tackling in security. Infrastructure security: Building and implementing tools that monitor the security posture of our infrastructure and provide for more secure access in a scalable manner as we grow.Application security: Building systems that provide guardrails and enable developers to do securityData security: Building systems and tools that monitor our data flows and access.  Who you are: You have technical experience with building secure platforms and products at a deep level. You are excited to perform security design and code reviews.You want to understand security systems and improve their efficiency and scalability.You enjoy tackling deep technical problems, sometimes operating as a leader of new security or engineering initiatives.You want to instill a culture of secure development across engineering and partner across teams to embrace security as a part of normal development.  Experience we’re seeking: 5+ years experience in security and/or software engineering roles with a demonstrated history of working on security-related projects or with responsibilities as a security generalistExperience across multiple (if not all) domains, such as infrastructure security, product security, application security, and/or data securityStrong cross-functional experiences, building relationships and driving impactful projectsThe ability and drive to continuously educate yourself and others You’ll love this role if you want to: Change the trajectory of a startup striving to redefine access to mental health in AmericaWork on a highly collaborative, cross-functional engineering team in order to build the best and most secure products for therapists, patients, physician and payer partners, and/or your teammates at HeadwayHelp establish and engrain best practices throughout our organizationContribute to our engineering culture, processes, and documentation with the same thought and care that we do our software (one of our engineering cultural principles is “Everything is a Product”) Our interview processAfter you apply to Headway, here are some details of what to expect during the interview process. Initial screen: You’ll connect with someone in recruiting so you can learn more about the team, Headway’s mission and exciting growth, and we can get a better idea of your background. First round: You'll meet with our Lead Security Engineer for introductions and an architecture interview. Final rounds: You’ll meet several more team members for technical and non-technical interviews, including our Head of Infrastructure who this role reports to, and leave with a fuller picture of what it’s like to work at Headway.References and the Offer: Our favorite part of the process We'll send over all of the details, including specifics on employee equity, and congratulatory messages from excited future team members Compensation and Benefits: Salary information is based on a single salary target per role: The starting salary for Security Engineers is $152,000 and increases to $230,000 based on industry tenure and experience. Benefits offered include: Medical, Dental, and Vision coverageHSA / FSA401KWork-from-Home StipendTherapy Reimbursement16-week parental leave for eligible employeesCarrot Fertility annual reimbursement and membership13 paid holidays each year as well as a Holiday Break during the week between December 25th and December 31stFlexible PTOEmployee Assistance Program (EAP)Training and professional development #LI-CA1We believe a team's strength is in its people, and we cannot achieve this mission without a team that reflects the diversity of this problem - across race, ethnicity, gender, sexuality, age, national origin, religion, family status, disability, military status, and experience.