Fullscript
Founded in 2011, Fullscript is a healthcare platform built on the belief that care should treat the whole person. Today, more than 125,000 practitioners and 10 million patients count on us for access to high-quality supplements, industry‑leading labs, and tools that make it easier to follow through on care.
Lead Security Engineer
– Austin, TX. Fullscript is looking for an experienced lead to mature our security program, deliver a modern and secure user experience, and manage risk. You will join a team that covers DevSecOps, Application Security, Governance, Risk & Compliance, security operations, and incident response. What You’ll Do
Drive security initiatives ensuring security is considered from design through implementation. Use threat modeling to inform application design decisions. Perform security code reviews to validate vulnerabilities, exploitabilities, and adherence to security best practices. Triage application vulnerabilities and recommend remediation strategies. Purple‑team our application and demonstrate attack vectors. Improve security processes and tooling automation. Optimize security processes using SLAs, severity frameworks, and remediation protocols. What You Bring to the Table
Demonstrated success delivering application security programs. Experience partnering with cross‑organizational teams to drive security initiatives. Experience with engineering‑focused remediation and mitigation strategies against security vulnerabilities. Experience with product engineering and security engineering. Additional Experience We Value
Hardening and security best practices for AWS, Kubernetes, CI/CD pipelines, IaC, Terraform, CloudFormation. Protection and hardening of health data. Securing Ruby on Rails, JavaScript, GraphQL applications. Pen‑testing tools (Burpsuite). Understanding of industry frameworks (SOC2, PCI, HIPAA, HITRUST, NIST). What We Can Offer You
Generous PTO and competitive pay. Fullscript’s RRSP match program for financial health. Flexible benefits package and workplace wellness program. Training budget and company‑wide learning initiatives. Discount on Fullscript catalog of products. Ability to work wherever you work well. Why Fullscript?
Values innovation – we push boundaries and look for better ways. Supports growth – through learning, mentorship, and meaningful work. Cares about balance – with flexible work options and time off when you need it. Apply now—let’s build the future of healthcare together. Fullscript is an equal‑opportunity employer committed to creating an inclusive workplace. Accommodations are available upon request—email accommodations@fullscript.com for support. Before joining the team, all candidates who receive and accept an offer will complete a background check. We use AI tools to support parts of our hiring process, such as screening and reviewing responses. Final decisions are always made by people. This process complies with privacy and employment laws across Canada and the U.S.
#J-18808-Ljbffr
– Austin, TX. Fullscript is looking for an experienced lead to mature our security program, deliver a modern and secure user experience, and manage risk. You will join a team that covers DevSecOps, Application Security, Governance, Risk & Compliance, security operations, and incident response. What You’ll Do
Drive security initiatives ensuring security is considered from design through implementation. Use threat modeling to inform application design decisions. Perform security code reviews to validate vulnerabilities, exploitabilities, and adherence to security best practices. Triage application vulnerabilities and recommend remediation strategies. Purple‑team our application and demonstrate attack vectors. Improve security processes and tooling automation. Optimize security processes using SLAs, severity frameworks, and remediation protocols. What You Bring to the Table
Demonstrated success delivering application security programs. Experience partnering with cross‑organizational teams to drive security initiatives. Experience with engineering‑focused remediation and mitigation strategies against security vulnerabilities. Experience with product engineering and security engineering. Additional Experience We Value
Hardening and security best practices for AWS, Kubernetes, CI/CD pipelines, IaC, Terraform, CloudFormation. Protection and hardening of health data. Securing Ruby on Rails, JavaScript, GraphQL applications. Pen‑testing tools (Burpsuite). Understanding of industry frameworks (SOC2, PCI, HIPAA, HITRUST, NIST). What We Can Offer You
Generous PTO and competitive pay. Fullscript’s RRSP match program for financial health. Flexible benefits package and workplace wellness program. Training budget and company‑wide learning initiatives. Discount on Fullscript catalog of products. Ability to work wherever you work well. Why Fullscript?
Values innovation – we push boundaries and look for better ways. Supports growth – through learning, mentorship, and meaningful work. Cares about balance – with flexible work options and time off when you need it. Apply now—let’s build the future of healthcare together. Fullscript is an equal‑opportunity employer committed to creating an inclusive workplace. Accommodations are available upon request—email accommodations@fullscript.com for support. Before joining the team, all candidates who receive and accept an offer will complete a background check. We use AI tools to support parts of our hiring process, such as screening and reviewing responses. Final decisions are always made by people. This process complies with privacy and employment laws across Canada and the U.S.
#J-18808-Ljbffr