Staff Engineer, Security
About the role
The Staff Security Engineer will serve as the technical backbone of our Security Engineering function at Grow Therapy. You'll be the most senior hands-on engineer on the Security team—equal parts strategist and builder—responsible for shaping and executing a multi-year Security roadmap that protects our customers, enables our engineering organization, and helps Grow scale with trust at its core.
Responsibilities
- Define and drive the Security Engineering North Star.
- Lead the development of a consolidated, multi-year Security Engineering vision—conducting gap analyses, aligning with key stakeholders, and translating strategy into an executable roadmap that teams across the organization can rally behind.
- Lead the charge on AI-native Security: Security sits within Grow’s Internal Foundations pillar, which is building company-wide infrastructure to support AI adoption. We build AI tools Security, Engineering, and the company at large. You’ll be in an incredible position to influence safe and thoughtful adoption of AI tooling at the enterprise level.
- Build secure-by-default infrastructure. Design, build, and roll out foundational security services—including unified authentication, authorization, audit logging, and egress control—to enable engineering teams to build fast without compromising on security.
- Own data security at scale. Drive systematic data tagging across Grow's production data models, aligning with our Data Classification Policy to ensure every datastore is compliant with security controls and observable by the teams who own it.
- Champion security visibility and accountability. Build company-wide security scorecards so every team has a clear, real-time view of their security posture—turning security from a periodic audit into a continuous, embedded practice.
- Enable and empower the engineering organization. Partner deeply with engineering, platform, and product teams to deliver high-leverage, secure-by-default services—reducing the burden on individual teams while raising the security floor across Grow.
- Drive automated Least Privilege and systematic Vulnerability Management as org-wide capabilities.
Requirements
You bring deep, multi-domain security expertise—you've operated meaningfully across Product Security, Cloud Security, Data Security, Access Governance, and/or Detection & Response, and you know how to connect the dots between them.
Benefits
- Comprehensive Health Coverage: Medical, dental, and vision insurance, plus life and disability coverage.
- Parental Leave & Family Support: Up to 18 weeks paid leave and a new child stipend.
- Financial Wellness: 401(k) program and equity opportunities.
- Meals & Home Office Support: Stipends for home office setup and ongoing funds for meals, with tailored perks for both remote and in-office employees.
- Time Off to Recharge: Flexible PTO, 12 paid holidays, and a full winter break week.
- Wellness & Development: Annual stipends to put towards personal & professional growth.
- Mental & Physical Health Support: No-cost access to therapy through the Grow platform, weekly flexible hours for self-care ("Mental Health Mornings/Afternoons") and memberships to leading wellness apps (such as One Medical, Headspace, and Talkspace).
- Pet insurance discounts, commuter benefits, and global travel assistance.
Pay
The base compensation range for this position is: Hybrid Commitment: $217,000–$288,000 USD Annually Fully Remote Commitment: $182,000- $240,000 USD Annually This role can be hybrid (onsite from our NYC, San Francisco, or Seattle hub location three days per week: Tuesday, Wednesday, Thursday) or fully remote. Both arrangements include travel 2–3 times per year (e.g., company and department offsites).
Schedule
This role can be hybrid (onsite from our NYC, San Francisco, or Seattle hub location three days per week: Tuesday, Wednesday, Thursday) or fully remote. Both arrangements include travel 2–3 times per year (e.g., company and department offsites).