Akoya LLC

Akoya LLC is an API-based network dedicated to helping keep consumer financial data safe by enabling secure, privacy-centric data sharing between financial institutions and third-p

Head of Risk, Security

Location

New York + 2 more (all locations: New York | North Carolina | Massachusetts)

Posted

67 days ago

Salary

$160K - $200K / year

Seniority

Lead

12 yrs exp | English | AWS | SDLC

Job Description

  • Lead and mature Akoya’s cybersecurity, risk management, and IT governance functions
  • Serve as the operational backbone of Akoya’s security and risk programs
  • Translate strategy into execution and lead a team across security engineering, cyber operations, risk, compliance, and IT
  • Mature and execute Akoya’s enterprise risk management (ERM) framework
  • Develop and track key risk indicators (KRIs) aligned with business OKRs
  • Lead third-party risk management across fintech partners, vendors, and service providers
  • Conduct product risk assessments across new open finance capabilities
  • Support regulatory readiness related to CFPB Section 1033
  • Lead day-to-day execution of Akoya’s cybersecurity program
  • Drive continuous improvement of zero-trust cloud architectures (AWS-centric)
  • Enhance monitoring, automation, and threat intelligence capabilities
  • Own operational execution of SOC 2 Type II and other certifications
  • Ensure alignment with NIST, ISO 27001/27002, GLBA, SOX, PCI
  • Partner closely with Legal and Product on regulatory interpretation and implementation
  • Respond to due diligence inquiries from financial institutions, fintechs, investors, and regulators
  • Oversee corporate IT governance in partnership with IT Systems Administrator
  • Lead and mentor security engineers, risk analysts, and IT personnel

Job Requirements

  • 12+ years in enterprise risk, cybersecurity, or information security.
  • 5+ years leading risk/security teams in fintech, SaaS, or regulated environments.
  • Experience building or scaling security programs in startup or high-growth organizations.
  • Deep cloud security expertise (AWS required; multi-cloud a plus).
  • Strong hands-on knowledge of:
      • Zero-trust architecture
      • Secure SDLC
      • Threat modeling
      • Vulnerability management
      • Incident response
  • Demonstrated ownership of SOC 2 and regulatory audits.
  • Experience working with regulated financial institutions and fintechs or API-based SaaS platforms.

Benefits

  • Akoya offers a highly collaborative, fast-paced, and fun working environment
  • Diverse, creative, and driven professionals with expertise in the banking, securities, fintech, and data aggregation industries
  • Equal opportunity employer

More Security Engineer Jobs

Senior Technical Marketing Engineer – Security

Forward Networks, Inc.

Mathematically accurate network modeling with full path analysis and security compliance verification

Full Time | Remote | Team 51-200 | Since 2013 | H1B No Sponsor

  • Partner with Product Management to define, validate, and shape security-related capabilities and use cases.
  • Design and evangelize customer workflows to realize the value of security features.
  • Build and maintain lab environments to support demos, technical validation, and security use-case exploration.
  • Develop high-quality technical collateral for internal audiences, including training materials, demo guides, and sales enablement content.
  • Collaborate with Marketing to create external-facing assets such as whitepapers, solution briefs, blogs, presentations, and videos.
  • Enable Sales and Solutions teams with security-focused demos, messaging, and technical training.
  • Represent Forward Networks at customer meetings, webinars, and industry events, including security conferences and trade shows.
  • Contribute thought leadership on network security trends and Forward’s role in modern security architectures.
  • Gather field and market feedback to influence product roadmap and security positioning.

California
$180K - $210K / year
Job Closed

Principal Security Engineer

Crane Company

Crane Company is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, color, religion, gender, sexual orientation, general identity, national origin, disability or veteran status.

Other | Remote | Team 1,001-5,000

About the Role

Crane Company is seeking a hands-on Principal Security Engineer to help architect the next generation of our enterprise security capabilities and help transform the security of our technology environments. This is a rare opportunity to influence security at scale by building secure-by-design patterns, modernizing the global security technology stack, and partnering deeply with IT and cybersecurity teams across cloud, network, infrastructure, and application domains.

This role is ideal for those who get energized by solutions to complex problems, rationalizing tools, establishing patterns and guardrails, and elevating the security posture across diverse businesses and platforms with an eye on building for the future. If you enjoy creating clarity in complex technical environments, shaping enterprise-wide engineering standards, and delivering high-impact, measurable improvements to security capabilities, this is your role. On-site candidates preferred, but remote candidates will also be considered.

Core Function

As a Principal Security Engineer, you will serve as a technical authority for secure architecture, platform security, and enterprise security engineering. You will drive the design, integration, and evolution of core security capabilities, ensuring scalable, consistent, and effective controls across Crane Company’s global operating environment, with a focus on streamlining M&A processes for secured integrations of technology stacks.

This role focuses on building, integrating, and optimizing the underlying technologies that secure our cloud platforms, networks, endpoints, and infrastructure. You will evaluate existing controls, rationalize overlapping solutions, and lead the implementation of modern, centralized security capabilities. Your work will directly influence strategic security investments and architectural decisions, and you will have a strong line to the CISO to drive secure design patterns and enterprise security maturity.

Key Responsibilities

Secure Architecture & Engineering (Primary Focus)

  • Design, implement, and evolve secure-by-design architectures for cloud, network, identity, endpoint, and infrastructure platforms.
  • Partner closely with IT and engineering teams to embed security controls, guardrails, and patterns early in solution design.
  • Lead consolidation and rationalization of the security technology stack, identifying redundancies and driving integration and modernization.
  • Define and maintain security reference architectures, secure configuration baselines, and architectural patterns across platforms in current state, through M&A and supporting business growth.
  • Evaluate emerging technologies to strengthen enterprise security capabilities while simplifying and centralizing the environment.
  • Drive enterprise-wide adoption of zero trust principles, identity-centric controls, and strong segmentation practices.
  • Build scalable automation for security services, control enforcement, and platform provisioning.

Security Technology Integration & Centralization

  • Integrate disparate tools and telemetry sources into centralized, unified platforms.
  • Streamline data flows across cloud, on-prem, and hybrid environments to support advanced monitoring and analytics.
  • Engineer interoperability between core security capabilities
  • Develop API-driven automation and orchestration to reduce manual effort and ensure consistent enforcement of controls.
  • Lead technical roadmaps for critical security platforms, ensuring alignment across IT and security stakeholders.

Collaboration & Leadership

  • Act as a trusted advisor to IT, cloud, network, and infrastructure teams for secure design and control implementation.
  • Provide senior engineering guidance during major digital transformation initiatives, cloud migrations, and infrastructure modernization projects.
  • Partner with security leadership to shape enterprise security strategy and long-term program development.
  • Communicate complex technical concepts to both technical and executive audiences, influencing architectural decisions.

Support for Security Operations

  • Provide expert engineering support to improve detection, prevention, and resilience capabilities.
  • Assist in defining technical requirements for detection content, logging, and security telemetry (architecture-level input, not SOC operations).
  • Inform security operations teams of architectural gaps and recommended improvements.

Qualifications & Competencies

Required

  • 10+ years in security engineering, secure architecture, or platform security roles.
  • Deep expertise designing, integrating, and securing enterprise-scale systems across cloud, network, identity, and endpoint domains.
  • Proven experience building or modernizing large-scale security capabilities and consolidating complex toolsets.
  • Strong background in security standards, architectural patterns, and modern control frameworks (Zero Trust, CIS, NIST, MITRE ATT&CK).
  • Hands-on engineering experience with automation, scripting, and API integrations (Python, PowerShell, REST APIs).
  • Strong understanding of cloud-native security (Azure, AWS, OCI), hybrid environments, and infrastructure-as-code.
  • Excellent communication skills, able to influence senior technical and business stakeholders.

Preferred

  • Experience driving secure design reviews and threat modeling practices.
  • Expertise with identity services (AAD/Entra, SSO, MFA, PAM, secrets management).
  • Knowledge of modern security service architecture (EDR/XDR, SIEM, SOAR, vulnerability management, Cloud, sec/ops
  • Professional certifications (e.g., CISSP, CCSP, GIAC Cloud, GDSA, GCSA).

This description has been designed to indicate the general nature and level of work being performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job.

United States

Chief Information Security Officer

Sciens Building Solutions

Sciens Building Solutions is self-described as a trusted national provider of comprehensive life safety and security solutions, including fire detection, suppression, alarm monitor

  • Develop and maintain a pragmatic cybersecurity strategy and roadmap aligned to business objectives.
  • Define security policies, standards, and procedures appropriate for a fast-growing SMB environment.
  • Establish cybersecurity governance, risk appetite, and reporting mechanisms.
  • Present cyber risk updates to executive leadership and private equity (PE) stakeholders in plain business terms.
  • Identify, assess, and prioritize cyber risks using a risk-based approach.
  • Oversee vulnerability management, penetration testing, and remediation efforts.
  • Lead compliance initiatives, such as SOC 2, ISO 27001, NIST, CMMC, HIPAA, PCI-DSS.
  • Ensure third-party and vendor risk management processes are in place.
  • Own the incident response plan, tabletop exercises, and breach readiness.
  • Lead response to security incidents, ransomware events, or data breaches.
  • Coordinate with legal, insurance, forensics, and external advisors as needed.
  • Oversee backup, disaster recovery, and business continuity planning.
  • Oversee core security tooling (IAM, endpoint security, SIEM/MDR, email security, cloud security).
  • Ensure secure configuration of cloud, SaaS, and on-prem environments.
  • Partner closely with IT and operations teams to embed security into operations.
  • Make cost-effective build vs. buy decisions.
  • Support cybersecurity due diligence for acquisitions.
  • Assess security posture of acquisition targets and provide risk summaries.
  • Align security maturity with PE exit strategy (strategic buyer or IPO readiness).
  • Build a security-aware culture through training and phishing simulations.

Florida
Other | Remote | Team 1-10 | Since 2013 | H1B No Sponsor

Who are we and why should you join us?

BetterHelp is on a mission to remove the traditional barriers to therapy and make mental health care more accessible to everyone. Founded in 2013, we are now the world’s largest online therapy service, providing affordable and convenient therapy across the globe. Our network of over 30,000 licensed therapists has helped millions of people take ownership of their mental health and change their lives forever. And we’re not stopping there – as the unmet need for mental health services continues to grow, BetterHelp is committed to being part of the solution.

As a Senior Security Engineer, (Applications Team) at BetterHelp, you’ll join a diverse team of licensed clinicians, engineers, product pros, creatives, marketers, and business leaders who share a passion for expanding access to therapy. And as a mental health company, we take employee mental health just as seriously as we do our mission. We deeply invest in our team’s well-being and professional development, because we know that business and individual growth go hand-in-hand. At BetterHelp, you’ll carve your own path, make an immediate impact, and be challenged every day – with a supportive community behind you the whole way.

What are we looking for?

We are looking for a motivated Application Security Engineer who is looking to help build the maturity of our Application Security Team while growing their own security skill set. Our team prioritizes the full lifecycle of security triage: identifying vulnerabilities, reproducing exploits, meticulous code analysis, and crafting production-ready fixes. We are looking for an engineer with good attention to detail, the ability to learn quickly and pick up new skills independently, and a get-things-done attitude with eagerness to build something awesome!

What will you do?

  • Work with a nimble passionate security team, collaborating with development and product.
  • Conduct vulnerability triage: handle internal and external vulnerability reports, and more importantly: go beyond investigating and write fixes yourself.
  • Review code and help make decisions about secure coding decisions.
  • Review new product features to ensure they are designed with security in mind
  • Collaborate with other developers and teams for long term security success.
  • Code solutions for preventative measures and generating alerts.
  • Use your detective work to get to the AH-HA! moment when you find and replicate the root cause of an issue and figure out how to fix it.
  • You will care and be involved in our product, mission, and success - way beyond checking off tasks.

What will you NOT do?

  • You will NOT worry about "runway", "cash left", or "how much time we have until the next round". We have the startup DNA but we're fully backed and funded, all the way to success.
  • You will NOT be confined to your "job". You will get involved in product, marketing, business strategy, and almost everything we do.
  • You will NOT be bogged down by office politics, ego, or bad attitude. Only positive, pleasure-to-work-with people are allowed here!
  • You will NOT get yourself burned out. We work hard but we believe in maintaining a sustainable work/life balance. Really.

Can I work remotely?

Yes. We operate on PST and candidates in any time zone are welcome to apply. We ask employees to travel to our San Jose, CA office up to three times per year plus one company-wide offsite to collaborate in person and strengthen working relationships. Travel expenses are covered and reasonable accommodations are made for those under unique circumstances who cannot travel.

What technologies will you work with?

Our application uses a combination of well established and more recent technologies, always innovating, always experimenting. Our current tech stack is:

  • Backend: PHP/Laravel, MySQL, Docker, AWS (SQS, ElastiCache, RDS)
  • Frontend: React, Nextjs, Twig (php templates), Tailwind, jQuery, SCSS, HTML & CSS
  • Tools: Static analysis tools (Semgrep, phpstan), DASTs

Requirements

  • 5+ years of experience in web application security
  • Strong experience with code review, security reviews, security architecture, pentesting, and bug bounty programs
  • Experience working in full-stack projects
  • Experience with discovering and fixing common web security vulnerabilities
  • Experience using web application pentesting tools (e.g. Burp Suite)
  • Basic understanding of networking concepts (DNS, TCP/IP, VPNs)
  • Able to explain complex ideas either verbally or in writing to a mixture of audiences
  • Knowledge and understanding of the OWASP Top 10
  • Experience creating security automations with GitHub Actions or other methods

Bonus (Great to have, but not required)

  • Experience coding in PHP and working with React/Next.js
  • Experience using scripting, using regex, and writing bash scripts
  • Experience with applications deployed in AWS & Kubernetes
  • Awareness of AI and LLMs, and how they are used in consumer products
  • Experience using AI and LLMs in security research
  • Experience with threat modeling

Benefits

  • Remote work with regular in-person bonding experiences sponsored by the company
  • Competitive compensation
  • Holistic perks program (including free therapy, employee wellness, and more)
  • Excellent health, dental, and vision coverage
  • 401k benefits with employer matching contribution
  • The chance to build something that changes lives – and that people love
  • Any piece of hardware or software that will make you happy and productive
  • An awesome community of co-workers

The base salary range for this position is $130,000 - $185,000. In addition to the base salary, this position is eligible for a performance bonus and the extensive benefits listed here (subject to eligibility requirements): Teladoc Health Benefits 2026. Total compensation is based on several factors – including, but not limited to, type of position, location, education level, work experience, and certifications. This information is applicable to all full-time positions.

At BetterHelp we thrive on difference and individuality, and as part of the Teladoc Health family, we are proud to be an Equal Opportunity Employer. We never have and never will discriminate against any job candidate or employee due to age, race, ethnicity, religion, sex, color, national origin, gender, gender identity, sexual orientation, medical condition, marital status, parental status, disability, or Veteran status.

United States
$130K - $185K / year