Staff Security Engineer

Position Summary

League’s security engineering teams are responsible for scaling security in the development lifecycle and vulnerability management. We believe in security by design and follow a paved road philosophy by building or buying tools that we can integrate into our platform to ultimately make it easier for our engineers to do the right thing. Security is everyone’s responsibility, but security engineering is how we make it possible for engineers to ship high quality code to production several times per day with security baked in.

As a Staff Security Engineer at League, you will be a principal technical leader helping to set the long-term security architecture and strategy across our entire platform, infrastructure, and engineering organization.

You will move beyond incremental improvement to solve the highest-impact, most ambiguous, and most foundational security problems. You will define the "paved road" by designing common security components, frameworks, and reference architectures that make it nearly impossible for engineers to ship insecure code. You are expected to not only execute but also to help define the technical strategy for scaling security by design across a high-growth health tech environment. This role has system-level impact, driving security and compliance controls directly into the foundational fabric of League’s technology

About the Role

• Architectural Leadership: Help define and champion the long-term technical security roadmap, architecture patterns, and standards for League's applications, infrastructure, and multi-cloud environment.
• Cross-Functional Strategy: Act as the primary security technical partner and consultant to Platform, Product, and executive leadership, driving alignment on multi-quarter security initiatives.
• Security Design Governance: Lead high-stakes, complex security design and architecture reviews (STRIDE/threat modeling) for new services and core platform migrations, ensuring all foundational systems meet strict health data compliance requirements.
• Risk & Vulnerability Strategy: Design, implement, and automate organization-wide frameworks for continuous vulnerability management and detection, moving beyond manual triage to scalable remediation systems.
• Due Diligence Expertise: Architect the security due diligence program for critical third-party vendors and partnerships that handle sensitive customer data, setting non-negotiable architectural requirements.
• Mentorship & Elevation: Actively mentor Senior and mid-level security engineers, fostering a culture of security architecture excellence and technical leadership within the team and across the organization.

About You

• 8+ years of progressive experience in security engineering, with at least 2 years operating at the Senior or Principal Engineer level.
• Deep expertise in cloud security architecture (AWS, GCP, or Azure), focusing on securing containerization (Kubernetes), cloud IAM, and infrastructure as code (Terraform).
• Proven track record of successfully leading and delivering large-scale, cross-organizational security initiatives from concept through production deployment.
• Ability to write secure, production-grade code in languages like Python, Go, Java, or TypeScript to build automation tools and scalable security services.
• Demonstrates experience designing and implementing controls and architectural mandates to achieve and maintain compliance with HIPAA or HITRUST.
• Mastery of application security, including secure development lifecycle (SDLC) integration, authentication/authorization protocols (OAuth, OIDC), and common attack vectors.

Security-Related Responsibilities

• Ensure access management is performed in compliance with the employee's role and responsibilities
• Responsibility and accountability for executing League's policies and procedures within the department/ team
• Notification of HR, Legal, Compliance & Security of any incidents, breaches or policy violations
• Compliance with Information Security Policies

• You should receive a confirmation email after submitting your application.
• A recruiter (not a computer) reviews all applications at League.
• If we see alignment with League's needs, a recruiter will reach out to learn more about your goals. The recruiter will also share the team-specific interview process depending on the roles you are exploring.
• The final step is an offer, which we hope you will accept!
• Prior to joining us, we conduct reference and background checks. Additional checks could be required for US Candidates, depending on the role you are exploring.