RevenueCat logo
RevenueCat

The subscription platform for mobile apps

Head of Security

Security EngineerSecurity EngineerFull TimeRemoteLeadTeam 51-200Since 2017H1B No SponsorCompany SiteLinkedIn

Location

California

Posted

1 day ago

Salary

$305K / year

Seniority

Lead

Bachelor DegreeEnglishAWSDistributed Systems

Job Description

Head of Security

RevenueCat

• Lead and evolve RevenueCat’s security roadmap • Establish priorities across infrastructure, application, and internal security • Partner with engineering leadership on architecture and security decisions • Build trust internally as the security leader engineers want to work with • Drive meaningful improvements to overall security posture • Improve detection, prevention, and response capabilities • Educate and increase security awareness within the company • Define how the security organization should scale over time

Job Requirements

  • Deeply technical security leader with modern engineering organization experience
  • Strong understanding of both infrastructure and application security
  • Experience with real-world security incidents
  • Capability to operate with high ownership and ambiguity
  • Ability to move between technical details, strategic planning, customer conversations, and incident response
  • Strong opinions on supply chain security, secure software development, AI-assisted engineering workflows, infrastructure hardening, identity and access management, incident response, and balancing security with engineering velocity
  • Strong communication skills
  • Experience with AWS, distributed systems, developer tools, fintech, mobile, or payments is a strong plus

Benefits

  • Competitive equity in a fast-growing, Series C startup backed by top-tier investors, including Y Combinator
  • 10-year window to exercise vested equity options
  • Fully remote and flexible work environment
  • 4-5 weeks of suggested time off annually for mental, physical, and emotional recharge
  • $2,000 USD for workspace setup and $1,000 USD annual stipend for continuous learning

Related Categories

Related Job Pages

More Security Engineer Jobs

Information Security Engineer – Security Automation and Response

UChicago Medicine

We’ve been at the forefront of medicine since 1899. We provide superior healthcare with compassion, always mindful that each patient is a person, an individual. To accomplish this, we need employees with passion, talent and commitment… with patients and with each other. We’re in this together: working to advance medical innovation, serve the health needs of the community, and move our collective knowledge forward. If you’d like to add enriching human life to your profile, UChicago Medicine is for you. Here at the forefront, we’re doing work that really matters. Join us. Bring your passion.

Role Description Join one of the nation’s most comprehensive academic medical centers, UChicago Medicine as an Information Security Engineer – Security Automation and Response for the Information Security department. This is a remote, work from home opportunity, and you may be based outside of the greater Chicagoland area. Under general direction of the Information Security Operations Manager, you will be responsible for: - Implementing, deploying, and optimizing Automation using SOAR playbook development, Logging, AI driven workflows. - Streamlining incident response and improving SOC operational efficiency. - Participating in threat investigation and incident response. Essential Job Functions include: - Developing, implementing, and maintaining SOAR playbooks to automate repetitive security tasks, such as alert triage, threat investigation, and incident response, using tools like SOAR, Python, and API integrations. - Knowledge of threat detection development, automation of SOAR development, and Incident Response. - Supporting initiatives with the Information Security Operations Manager to advance Security Operations capabilities using AI. - Investigating malware, intrusions, unauthorized access, and data infiltration and exfiltration events. - Analyzing logs, memory, disk images, and network captures to determine attack scope and impact. - Staying informed on cyber threats and standard processes to enhance Security Operations Center capabilities. - Excellent knowledge of security information and event management (SIEM) platforms including query language (Yara-L, CQL, SPL, etc.). - Participating in Purple Team activity. - Participating in on-call rotation and responding to critical security events. Qualifications - BS or BA degree, Computer Science, Engineering, or equivalent education, training or work experience. - 5 years of Security experience, or equivalent training and education. - Knowledge of computing systems, data network communications, and network architecture. - Effective written and verbal communication skills. - Experience in SOAR playbook development. - Scripting or programming skills (Python, PowerShell, Go, etc.) required. - Experience in Incident Response and Threat investigation. - Experience in Threat detection. - Understanding of logging systems. - Security related certifications are preferred (GIAC, CISSP). Requirements - Full Time (1.0 FTE). - Day Shift. - Remote Location. - Non-Union CBA Code. Benefits UChicago Medicine is committed to transparency in compensation and benefits. The pay range provided reflects the anticipated wage or salary reasonably expected to be offered for the position. - The pay range is based on a full-time equivalent (1.0 FTE) and is reflective of current market data, reviewed on an annual basis. - Compensation offered at the time of hire will vary based on candidate qualifications and experience and organizational considerations, such as internal equity. - Pay ranges for employees subject to Collective Bargaining Agreements are negotiated by the medical center and their respective union.

United States
$98.3K - $114.7K / year

Senior Network Security Engineer

UnitedHealth Group

UnitedHealth Group is a healthcare and well-being company that’s dedicated to improving the health outcomes of millions around the world. We are comprised of

Role Description The Senior Information Security Engineer plays a critical role in protecting enterprise network infrastructure by designing, implementing, and operating Palo Alto Networks firewall solutions. This position supports regulatory compliance, incident response, and continuous security improvement while partnering closely with cross‑functional teams during high‑severity incidents and acquired‑entity integrations. The role leverages automation and AI‑assisted tools to improve operational efficiency, enhance monitoring capabilities, and ensure a resilient and scalable security posture aligned with business growth. - Design, implement, and manage Palo Alto Networks firewall solutions to protect enterprise network environments. - Configure and maintain firewall policies, threat prevention profiles, and security controls in alignment with organizational standards and compliance requirements. - Lead acquired entity security integration initiatives, focusing on the seamless onboarding of new environments into the enterprise network and security architecture. - Manage end to end Palo Alto Networks security integrations for acquired entities, from initial discovery and gap assessment through design, implementation, and steady state operations. - Communicate clearly and effectively during high pressure situations to identify root causes, assess impact, and drive timely resolution. - Perform detailed analysis of firewall logs, traffic flows, and alerts to support investigations and operational diagnostics. - Leverage AI assisted with tools such as GitHub Copilot and Microsoft Copilot to increase development speed, accuracy, and overall productivity. - Contribute to documentation, knowledge sharing, and operational runbooks to support consistent and repeatable security operations. - Follow established change management, incident handling, and security processes while continuously enhancing technical expertise in network security technologies. Qualifications - Bachelor’s degree in information security, Computer Science, OR 4 years of network security engineering experience. - 8+ years of experience in information security, network security, or cloud security roles. - 3+ years of experience with Palo Alto Networks firewalls. - 5+ years of strong working knowledge of network security concepts, policies, compliance, including firewalls, proxies, secure access, and policy risk enforcement. - 8+ years of strong background in security operations, incident management, and root cause analysis. - Ability to support call rotations, after hours support and respond to high severity security incidents when required. Requirements - Master’s degree or relevant security certifications (e.g., CISSP, CISM, PCNSE, CCSP). - Experience with Zero Trust architecture and cloud first security platforms. - Experience working security operations across multiple regions or markets. - Familiarity with vendor management, capacity planning, or service optimization. - Experience with automation, scripting, and API based integrations. - PCNSE certification is strongly preferred. Benefits - Comprehensive benefits package. - Incentive and recognition programs. - Equity stock purchase. - 401k contribution (all benefits are subject to eligibility requirements).

United States
$91.7K - $163.7K / year

Senior Security Engineer

Function Health

Function Health provides lab testing services to aid in the early detection of thousands of diseases. Focused on empowering patients to take charge of their hea

Role Description We’re looking for a pragmatic Security Engineer with a strong focus on Identity and Access Management (IAM) to join our lean, fast-paced Security Operations team. In this hands-on role, you will lead the design and management of critical IAM systems protecting our clients’ health data—the foundation of our business. With nearly 1 million users and growing rapidly, you will be leading efforts for Okta and ConductorOne, responsible for: - Application integrations - Enabling provisioning - Building out our Okta organizational structure - Enforcing security policies around user access Beyond IAM, there’s room to expand into security operations, IT automation, and compliance as our team grows. This is a unique opportunity to own one of the strongest security controls in the company and directly reduce organizational risk at scale. Key Responsibilities - Administer and optimize Okta, including: - Integrating new applications for SSO - Implementing and enhancing provisioning and revocation workflows - Building and maintaining Okta organizational structure and role mappings - Administer ConductorOne to: - Integrate it with all relevant applications - Conduct User Access Reviews (UARs) - Enforce time-based access controls - Enable and improve automated provisioning and revocation - Collaborate with cross-functional teams to ensure secure onboarding/offboarding and least privilege enforcement - Support ongoing IAM policy development, documentation, and audit readiness - Monitor and respond to IAM-related alerts and incidents, escalating as needed - Identify opportunities to automate IAM workflows and enhance security operations - Participate in broader security initiatives including vulnerability management, IT automation, and compliance support Qualifications - 3–5 years of hands-on experience administering IAM platforms, ideally Okta and/or ConductorOne - Strong knowledge of SSO protocols (SAML, OIDC), provisioning standards (SCIM), and IAM best practices - Experience integrating multiple SaaS applications into centralized IAM systems - Familiarity with user lifecycle management, role-based access control (RBAC), and access review processes - Solid understanding of cloud infrastructure identity models (GCP preferred) and security operations fundamentals - Experience using Terraform for infrastructure as code, particularly for managing IAM resources and integrations - Comfortable working independently in a fast-moving environment with minimal supervision - Strong organizational skills and a detail-oriented mindset Core Values - Ruthless Prioritization: We don’t let perfect get in the way of progress. We move quickly to drive value, not perfection. We prioritize what drives impact. We never compromise on standards of excellence. - Member-First, Always: We design and deliver like we’re caring for someone we love. We create calendar, actionable, human experience. We prioritize responsiveness, peace of mind, and outcomes. We empower members with truth, clarity, and care. - One Team, Moving Fast: We are aligned in purpose, prioritization, and speed. We gather diverse perspectives to make informed decisions. We clear paths for each other and move fast together. We communicate clearly and respectfully, rallying around shared goals. - Radical Ownership, Relentless Execution: We don’t just ship– we own outcomes and drive results. We act with urgency and precision. We anticipate, initiate, and follow through. We meet challenges with grit and pragmatism. We embrace new tech to deliver better outcomes. - Mission Over Ego: We are ruthlessly aligned to our mission - and leave ego at the door. We disagree and commit. We don't tolerate politics or withholding information. We operate with honesty, transparency, and respect. - Sustained Integrity in Every Detail: We earn trust by obsessing over accuracy, quality, and clarity in everything we do. We prioritize clinical precision - data must be right. We sweat the details because outcomes depend on them. Benefits - Competitive salary and benefits package - Flexible working hours - Dynamic work environment where creativity and innovation are encouraged Important Notice Legitimate communication from the Function Health team will always come from an email address ending in @functionhealth.com. Function Health will never request personal information such as banking details or payment during the hiring process. Please be cautious of communications or job offers that come from other email domains, instant messaging platforms, or unsolicited calls. If you ever have doubts about the legitimacy of a communication, please reach out to us directly at talent@functionhealth.com.

United States
GuidePoint Security logo

Security Consultant – Threat & Attack Simulation

GuidePoint Security

We help organizations make smarter cybersecurity decisions that minimize risk.

Full TimeRemoteTeam 201-500H1B Sponsor

• Deliver Threat & Attack Simulation's professional services, including but not limited to Vulnerability Assessments, Internal and External Penetration Tests, Wireless Security Assessments, Onsite and Remote Social Engineering, and a variety of custom assessments • Author comprehensive assessment deliverables that are proficiently tailored to both technical and managerial audiences and fully detail the technical execution, core deficiencies, business impact, and realistic remediation strategies • Utilize automation, orchestration, and scripting to reduce manual processes, improving overall efficiency while also enabling new capabilities to meet the rapidly changing needs of our clients • Contribute to marketing initiatives via activities such as publishing research, speaking at industry conferences, authoring blog articles and whitepapers, hosting webinars, and developing security tools • Assist with Practice development, including improving existing offerings • Perpetually strengthen relevant skills, knowledge, and abilities to stay at the forefront of the information security industry. • Foster client relationships by providing support, information, and guidance • Configure, operate, and manage a Breach and Attack Simulation (BAS) or continuous penetration testing platform and report results to relevant stakeholders promptly • Maintain a strong desire to learn, adapt, and improve along with a rapidly-growing company • Perform other duties as assigned

United States