[Remote] Staff Security Engineer at Fullscript

Austin, Texas, United States

Apply Now

Not SpecifiedCompensation

Senior (5 to 8 years)Experience Level

Full TimeJob Type

UnknownVisa

Health Technology, SoftwareIndustries

Requirements

Deep technical expertise in application security, and secure software development
Experience with AI/ML security
Strong understanding of modern software architectures, cloud environments, and APIs
Proven ability to influence and mentor engineers across teams, fostering security-first thinking and best practices
Hands-on experience with security tooling and automation, including static/dynamic analysis, monitoring, and observability systems
Strong problem solving skills, able to balance security rigor with product velocity
Excellent communication and collaboration skills, able to translate complex security concepts to technical and non-technical stakeholders
Experience with protecting/hardening of health data
Experience securing Ruby on Rails, Javascript, GraphQL applications
Familiarity with regulatory and compliance frameworks relevant to software and AI security (e.g. SOC 2, NIST)

Responsibilities

Lead the design and implementation of robust security architectures for Fullscript’s applications, and AI initiatives
Collaborate closely with engineering teams to embed security into the development lifecycle, including threat modeling, security coding practices, and design reviews
Drive AI security best practices, ensuring responsible deployment, and mitigation of risks such as data poisoning, prompt injection, or model exploitation
Mentor engineers and other security team members, fostering a culture of security awareness and technical excellence across the organization
Conduct technical risk assessments, security research, and code reviews to proactively identify and remediate vulnerabilities
Influence cross-functional teams through technical leadership, helping define security standards and strategies that scale across Fullscript’s products and AI ecosystem
Stay ahead of emerging threats, attack vectors, and AI-specific security challenges to guide strategic decisions for the organization’s security posture

Skills

Key technologies and capabilities for this role

Security ArchitectureThreat ModelingSecurity Coding PracticesDesign ReviewsAI SecurityData PoisoningPrompt InjectionModel ExploitationMentoringRisk AssessmentCross-functional Collaboration

Questions & Answers

Common questions about this position

What are the key responsibilities of the Staff Security Engineer role?

You'll lead security architectures for applications and AI, collaborate with engineering teams to embed security in development, drive AI security practices, mentor engineers, conduct risk assessments, and influence cross-functional teams.

What skills and experience are required for this position?

Required skills include deep expertise in application security and secure software development, experience with AI/ML security, understanding of modern software architectures, cloud environments, and APIs, plus hands-on experience with security tooling and strong problem-solving skills.

Is this a remote position or does it require office work?

This information is not specified in the job description.

What is the salary or compensation for this role?

This information is not specified in the job description.

What does Fullscript's company culture emphasize?

Fullscript emphasizes building tools that make care smarter and more human, fostering a culture of security awareness and technical excellence, and invites candidates to bring ideas, grit, and care for people to shape the future of care.

Fullscript

Platform for managing supplement plans

About Fullscript

Fullscript provides a platform for healthcare practitioners to create and manage supplement plans for their patients. The platform simplifies the workflow for health professionals, allowing them to personalize treatment plans with custom protocols and features. It serves over 70,000 practitioners, including doctors and nutritionists, and operates in a two-sided market by selling high-quality supplements directly to patients or in-office, with prices set by the practitioners. Fullscript also offers educational resources to help patients adhere to their supplement plans, including infographics, handouts, and an award-winning blog covering various wellness topics. The company's goal is to improve patient outcomes and make wellness more affordable through better support and resources for both practitioners and patients.

Ottawa, CanadaHeadquarters

2011Year Founded

$265.7MTotal Funding

LATE_VCCompany Stage

Education, Healthcare, Consumer GoodsIndustries

501-1,000Employees

Benefits

Flexible Paid Time Off

Stock Options

Health Insurance

Dental Insurance

Vision Insurance

401(k) Company Match

Remote Work Options

Wellness Program

Training Budget

Risks

Integration challenges with Rupa Health could lead to operational inefficiencies.

Regulatory scrutiny may arise from handling genetic data with 3X4 Genetics.

Recent executive changes could cause strategic misalignments during transitions.

Differentiation

Fullscript offers a seamless blend of virtual dispensing and in-office sales.

The platform supports over 70,000 practitioners with personalized treatment plans.

Fullscript's educational resources enhance patient adherence and promote wellness.

Upsides

The acquisition of Rupa Health expands Fullscript's comprehensive care platform.

Partnership with 3X4 Genetics enhances personalized supplement recommendations.

Growing demand for telehealth boosts Fullscript's digital health platform.

Land your dream remote job 3x faster with AI

Try Jobo Free