Lead Security Engineer

GoodRx, Inc.

Job Overview

Location

Remote USA

Job Type

Full-time

Full Job Description

📋 Description

• Lead Security Engineer responsible for driving security strategy, architecture, and risk mitigation across GoodRx’s products, infrastructure, and internal systems to protect consumer and healthcare professional data.
• Day-to-day responsibilities include defining and evolving security architecture across cloud, application, and infrastructure domains; leading threat modeling and risk analysis; developing secure design principles; evaluating emerging security technologies; performing enterprise-level risk assessments; defining and improving security policies and control frameworks; driving alignment with regulatory requirements; providing executive-ready risk summaries; leading complex security investigations and incident response; conducting root cause analysis; developing runbooks and playbooks; acting as an escalation point for high-impact events; partnering with engineering to integrate security into the SDLC; defining standards for secure code reviews and static/dynamic analysis; evaluating vulnerabilities and recommending mitigations; improving automation for vulnerability scanning and remediation; performing security reviews of AI tooling; guiding cloud security best practices across AWS/GCP; advising engineering leadership; influencing technical decisions that balance security, scalability, and delivery speed; fostering vendor and partner relationships; and mentoring junior security engineers.
• GoodRx is the leading prescription savings platform in the U.S., trusted by over 25 million consumers and 750,000 healthcare professionals annually, providing access to savings at more than 70,000 pharmacies nationwide and helping Americans save nearly $75 billion on prescriptions since 2011.
• The role offers the opportunity to shape GoodRx’s long-term security posture, lead cross-functional security initiatives, gain deep expertise in cloud and application security at scale, influence security practices across engineering teams, and advance as a recognized subject matter expert in enterprise security architecture and risk management.

🎯 Requirements

• 8+ years of cybersecurity or security engineering experience
• Deep expertise in application security, cloud security (AWS/GCP), and modern DevSecOps practices
• Prior experience with modern JavaScript frameworks and microservice architecture including Kubernetes and container security practices
• Demonstrated experience designing and implementing scalable security architectures
• Strong understanding of SDLC, CI/CD pipelines, and secure development practices
• Experience conducting enterprise-level risk assessments and incident investigations
• Strong analytical thinking and ability to assess ambiguous risk scenarios
• Excellent written and verbal communication skills, including ability to influence senior stakeholders
• Ability to operate independently and exercise sound judgment on high-impact security decisions

🏖️ Benefits

• Medical, dental, and vision insurance
• 401(k) with company match
• Employee Stock Purchase Plan (ESPP)
• Unlimited vacation and 13 paid holidays
• 72 hours of sick leave
• Mental wellness and financial wellness programs
• Fertility benefits and generous parental leave
• Pet insurance and supplemental life insurance for employees and dependents
• Company-paid short-term and long-term disability
• Annual cash bonuses or commission and annual equity grants for most positions

Skills & Technologies

Python

JavaScript

Rust

AWS

GCP

Senior

Remote

Ready to Apply?

Apply Externally

You will be redirected to an external site to apply.

GoodRx, Inc.

Visit Website

About GoodRx, Inc.

GoodRx is a U.S. healthcare technology company that gathers and publishes prescription drug prices and discount coupons. Founded in 2011, the company operates a price-comparison platform and mobile app that aggregates negotiated rates from pharmacy benefit managers, allowing consumers to locate lower-cost medications at nearby pharmacies. Revenue comes primarily from fees paid by pharmacies and PBMs when consumers redeem its coupons. The company went public in 2020 and also offers telehealth and mail-order pharmacy services.

View Company Profile

Get more remote jobs like this

Subscribe to the weekly newsletter for similar remote roles and curated hiring updates.

Weekly remote jobs and featured talent.

No spam. Only curated remote roles and product updates. You can unsubscribe anytime.