Help build and automate a security platform that protects sensitive healthcare data while enabling teams to move fast with confidence.
About Maven Clinic
Maven is the world’s largest virtual clinic for women and families, providing digital programs across fertility & family building, maternity & newborn care, parenting & pediatrics, and menopause & midlife. Trusted by 2,000+ employers and health plans, Maven supports members with clinical, emotional, and financial care on one platform.
Schedule
- Hybrid model with hub-city collaboration expectations
- NYC: onsite 3 days/week (Tue/Wed/Thu)
- SF Bay Area, Seattle, Boston, Chicago, Washington DC: quarterly Work Together Days
What You’ll Do
- Design and implement scalable security infrastructure supporting HIPAA, SOC 2, and ISO 27001 compliance
- Build and maintain identity, authentication, and access systems (Okta, GCP IAM, Auth0, OPA)
- Implement observability and anomaly detection across services, data stores, and SaaS platforms
- Establish Zero Trust principles and enforce least-privilege access company-wide
- Build compliance dashboards and automate evidence collection
- Create self-service security tools that integrate with developer workflows (GitLab CI/CD, Terraform)
- Automate onboarding/offboarding, access reviews, approvals, and policy enforcement
- Integrate software supply chain security (SBOM, dependency scanning), SAST/DAST, and compliance verification
- Lead threat modeling and security architecture reviews for new products and services
- Ensure encryption, access tracking, and secure handling across PHI workflows
- Support incident response, post-mortems, and continuous security posture improvement
- Mentor peers and partner cross-functionally (Engineering, Compliance, Clinical, Legal) to align security strategy
What You Need
- 8+ years software engineering experience, including 3+ years in security infrastructure or application security
- Experience designing and implementing large-scale, distributed, cloud-native systems
- Strong coding skills in Python, TypeScript, Go and/or Rust
- Deep cloud security knowledge (GCP preferred; AWS/Azure welcome)
- Kubernetes, containers, and infrastructure-as-code experience (Terraform)
- Familiarity with secure SDLC practices and security testing frameworks
- Strong communication and documentation skills
Benefits
- Employer-covered health, dental, and insurance options
- Maven for Mavens platform access and specialists
- Wellness partnerships
- 16 weeks 100% paid parental leave + new parent stipend (after 1 year)
- Annual professional development stipend + career coach
- 401(k) matching with immediate vesting
This one’s a serious senior seat. If your background lines up with cloud security + automation + compliance, it’s a high-value apply.
Happy Hunting,
~Two Chicks…