Senior Software Security Engineer

Position Summary

League is seeking a Software Security Engineer to join our Security Engineering org and focus full-time on building internal security tooling and security-by-design engineering capabilities across our healthcare platform ecosystem.

This is a highly hands-on software engineering role focused on developing custom security infrastructure, developer security tooling, and automation systems that strengthen League’s platform security posture at scale. You will work closely with Security, Platform Engineering, Infrastructure, and Product Engineering teams to build tools and workflows that improve secure software delivery, automate security operations, and protect sensitive healthcare and member data.

This is not a governance, audit, or advisory-only role. We are looking for an engineer who writes production-quality code, builds scalable systems, and applies strong software engineering principles to solve complex security challenges in a modern cloud-native environment.

As League continues scaling AI-native healthcare experiences and enterprise platform capabilities, security engineering plays a critical role in ensuring our systems remain secure, resilient, compliant, and developer-friendly.

What You will do:

Security Tooling & Platform Engineering

• Design, build, and maintain custom internal security tooling used across League’s engineering organization

• Develop automation systems that improve application security, secrets management, identity management, and secure software delivery workflows

• Build developer-friendly security tooling integrated into CI/CD pipelines and internal engineering platforms

• Create scalable systems for vulnerability detection, remediation automation, policy enforcement, and security telemetry collection

Secure Software Development

• Write secure, maintainable, production-quality code across backend services, APIs, and cloud-native systems

• Develop security services and APIs supporting authentication, authorization, secrets management, and access governance

• Build and maintain tooling around OAuth/OIDC flows, token lifecycle management, RBAC, service authentication, and secure session handling

• Improve secure-by-default engineering practices across League’s platform ecosystem

Cloud & Infrastructure Security

• Build and automate cloud security controls across AWS, GCP, and Kubernetes environments

• Develop tooling for infrastructure security, workload identity, encryption management, and runtime protection

• Partner with Platform Engineering teams to strengthen container security, Kubernetes security posture, and infrastructure hardening

• Improve observability and monitoring for security events, anomalous behavior, and operational risk

AI & Security Innovation

• Build security capabilities that support AI-native engineering workflows and AI-powered healthcare experiences

• Evaluate emerging AI-assisted security tooling and identify opportunities to improve engineering productivity and platform protection

• Develop secure workflows and controls around AI-enabled systems and sensitive healthcare data usage

Cross-Functional Collaboration

• Partner closely with Security, Infrastructure, Platform Engineering, Compliance, and Product Engineering teams to drive secure engineering practices

• Translate security concepts into practical engineering solutions that improve developer experience and operational efficiency

• Support security incident response, root cause analysis, and remediation efforts when required

What You Bring

• 5+ years of software engineering experience with strong focus on security engineering, platform engineering, or infrastructure security.
• Experience building internal engineering or security tooling in cloud-native production environments.
• Strong hands-on backend engineering experience building APIs, services, and automation systems.
• Experience implementing secure authentication and authorization systems in production applications.
• Experience working in regulated or high-trust environments such as healthcare, fintech, or enterprise SaaS is strongly preferred.
• Experience integrating security tooling into CI/CD pipelines and developer workflows.
• Experience working with Kubernetes and distributed systems in production environments.
• Experience working with AI-enabled systems, AI-assisted engineering workflows, or LLM-based applications is considered a strong asset.

• Use AI tools as part of your daily workflow to enhance productivity, problem-solving, and decision-making (e.g., drafting, analysis, coding, research, or process automation)
• Apply judgment and accountability when using AI by reviewing outputs for accuracy, bias, and quality before use
• Continuously learn and adapt as new AI tools and capabilities emerge, incorporating them into your ways of working
• Identify opportunities to improve how work gets done from personal productivity to team-level workflows by leveraging AI effectively
• Operate with strong data responsibility and security awareness, especially when working with sensitive or regulated information

• Individual Contributors: Use AI to improve personal productivity and quality of output
• Senior ICs / Managers: Integrate AI into team workflows and improve processes
• Leaders: Drive AI adoption at the organizational level and shape how work is done across teams

• Demonstrated experience using AI tools in a practical, responsible way
• Curiosity and openness to experimenting with new technologies
• Ability to balance efficiency with quality and sound judgment

Security-Related Responsibilities

• Ensure access management is performed in compliance with the employee's role and responsibilities
• Responsibility and accountability for executing League's policies and procedures within the department/ team
• Notification of HR, Legal, Compliance & Security of any incidents, breaches or policy violations
• Compliance with Information Security Policies

• You should receive a confirmation email after submitting your application.
• A recruiter (not a computer) reviews all applications at League.
• If we see alignment with League's needs, a recruiter will reach out to learn more about your goals. The recruiter will also share the team-specific interview process depending on the roles you are exploring.
• The final step is an offer, which we hope you will accept!
• Prior to joining us, we conduct reference and background checks. Additional checks could be required for US Candidates, depending on the role you are exploring.