
Job Overview
- Location: San Francisco
- Job Type: Full-time
- Category: Software Engineering
- Date Posted: May 22, 2026

Full Job Description
📋 Description
- Own the end-to-end secure software development lifecycle for Opal’s product and platform, including threat modeling, design reviews, and code reviews to establish and enforce security standards.
- Run and coordinate internal and external application penetration tests, driving all identified findings to complete remediation with engineering teams.
- Build, maintain, and integrate SAST, DAST, and SCA tooling directly into CI/CD pipelines to ensure security is embedded in every code shipment.
- Triage and remediate vulnerabilities from multiple sources including bug bounty programs, automated scans, and internal audits across the entire codebase.
- Design, build, and maintain security-critical components such as encryption services, authorization enforcement mechanisms, and authentication flows in production.
- Own the integration between Auth0 and Opal’s platform, managing tokens, sessions, MFA, SSO (SAML, OIDC, OAuth 2.0), and identity lifecycle controls.
- Ship production-grade Go and TypeScript code to harden APIs, enforce least-privilege access, and eliminate entire classes of vulnerabilities at the source.
- Develop and maintain shared security libraries and tooling that make secure coding the default path for all product engineers.
- Serve as the first responder for security incidents: investigate, contain, determine root cause, and implement permanent fixes.
- Partner with Infrastructure Engineering to harden cloud environments on AWS, including IAM policies, EKS clusters, KMS key management, and network segmentation.
- Improve detection and response capabilities by writing custom detection rules, enhancing logging, and refining alerting systems for security events.
- Mentor engineers on secure coding practices, common vulnerability patterns, and secure architecture patterns to elevate the team’s overall security posture.
- Define and prioritize the product security roadmap based on real-world risk exposure, not theoretical threats.
- Be the trusted security collaborator for engineering teams — fostering a culture of shared ownership, not gatekeeping or bureaucracy.
- Drive cross-functional security initiatives from conception through execution, ensuring alignment between product goals and security requirements.
- Maintain deep familiarity with enterprise security tooling and practices while focusing exclusively on application and product security — not IT, compliance, or vendor risk management.
🎯 Requirements
- 4+ years of experience in application security or software security engineering
- Proven track record of writing production code in Go, TypeScript, or similar languages
- Deep expertise in authentication protocols: OAuth 2.0, OIDC, SAML, session management, and token lifecycle
- Hands-on experience with AWS cloud services including IAM, EKS, KMS, and network security controls
- Experience leading complex, cross-functional security initiatives from kickoff to completion
- Demonstrated experience running or participating in external penetration tests and driving findings to remediation
🏖️ Benefits
- Opportunity to work on a security-critical product at the core of Opal’s business
- Embedded role within engineering teams with direct impact on product architecture
- Ownership of security tooling and processes from design to deployment
- Collaborative culture focused on making security a force multiplier, not a bottleneck
About Opal Labs, Inc.
Opal is a health benefits administration platform designed to streamline the process for employers and insurance brokers. It offers a unified platform for managing health insurance plans, dental, vision, and other voluntary benefits. Opal aims to simplify complex benefit administration tasks, providing tools for enrollment, eligibility management, and carrier connections. The platform focuses on transparency and efficiency, helping companies control costs and improve the employee experience by making benefits easier to understand and access. It serves as a central hub for all benefit-related information and operations, reducing administrative burden and enhancing decision-making for HR departments and brokers.