Staff/Principal Security Engineer (HHS)

About Skylight

Skylight is a digital consultancy using design and technology to help government agencies deliver better public services. We’re at the forefront of a civic movement to reinvent how all levels of government serve families, patients, and many others in today's digital world.

If you want to play a part in driving this critical movement forward, we’d love for you to join our growing team of public interest technologists. The work we do matters.

About the job

At Skylight, security engineers stay up to date with the cutting edge of security and help teams implement new processes, tools, and remediations. They’re familiar with modern software development and work in cross-functional teams to inform and guide security best practices at all stages of the software development life cycle.

What you’ll do

• Protect sensitive data by applying security and privacy best practices
• Conduct security audits and risk analyses
• Plan and implement remediations
• Conduct ongoing research to keep up with industry practices and new attack vectors
• Select and use the right tools, frameworks, languages, and technologies for the job, with a preference for open-source solutions

What we're looking for

Minimum qualifications

• Able to detect risks by continually reviewing all aspects of the application for vulnerabilities and enumerating them 
• Able to mitigate and prevent risks by proactively working with teams to build secure and compliant systems
• Familiarity with common sources of vulnerability information
• Familiarity with regulatory requirements regarding security and compliance
• Ability to work successfully within a professional services environment (e.g., can communicate effectively with clients)
• Passionate about creating better public outcomes through great government services
• A mindset and work approach that aligns with our core values
• Ability to travel for work from time to time

Nice-to-have qualifications

• Can write clean, working, and reusable code in at least one programming language
• Experience with application development, particularly web development and testing frameworks
• Experience with cloud infrastructure and infrastructure as code
• Prior experience working in the civic tech space
• Experience working in a remote-team environment

Don’t meet 100% of the criteria but think you can do the job? We’d love to chat anyway! We’re on a mission to build diverse teams, and studies have shown that women and marginalized folks are less likely to apply to jobs if they don’t check every box.

Other requirements

• All work must be conducted within the U.S., excluding U.S. territories. Some federal contracts require U.S. citizenship to be eligible for employment.
• You must be legally authorized to work in the U.S. now and in the future without sponsorship.
• As a government contractor, you may be required to obtain a public trust or security clearance.
• You may be required to complete a company background check successfully.
• Some of our available roles are on federal contracts that require a degree or additional years of experience as a substitute.

Position type

This is a full-time, exempt position.

Location

This is a fully remote position.

Care package

Salary

We want to give you the most competitive salary possible. After all, you deserve it! To that end, we use the results of our interview process to determine what salary is most appropriate given your current level of seniority. For a Security Engineer at Skylight, the current salary ranges are as follows:

• Associate Security Engineer: $90,000–$125,000
• Security Engineer I: $120,000–$140,000
• Security Engineer II: $135,000–$160,000
• Senior Security Engineer: $150,000–$185,000
• Staff Security Engineer: $170,000–$203,000
• Principal Security Engineer: $180,000–$230,000

Benefits

Your well-being is important to us, so we focus on supporting you in a variety of ways:

• Medical insurance, dental insurance, vision insurance
• Short-term and long-term disability insurance
• Life and AD&D insurance
• Dependent care FSA, healthcare FSA, health savings account
• Dollar-for-dollar 401(k) match up to 10% of your salary with no vesting period
• Flexible paid time off policy (generally around 25 days per year), plus 11 paid federal holidays
• Up to 12 weeks paid time off for all eligible new birth, adoption, or foster parents
• Performance rewards, including annual salary increase, annual performance bonus, spot bonuses, and stock options
• Business development / sales bonuses
• Referral bonuses
• Annual $2,000 allowance for professional development
• Annual $750 allowance for tech-related purchases
• Annual swag budget of $100 to display your Skylight pride with some merchandise (hoodies, hats, and more)
• Dollar-for-dollar charity donation matching, up to $500 per year
• Flexible, remote-friendly work environment
• An environment that empowers you to unleash your superpowers for public good

Interview tips

• Visit our join page to learn more about how our interview process works.
• Check out our Career Pathways framework to learn more about the different roles within Skylight and the skills needed to do them.
• If you’d like to request reasonable accommodations during the application or interviewing process, please contact our recruiting team at recruiting@skylight.digital.

We participate in E-Verify and upon hire, will provide the federal government with your Form I-9 information to confirm that you’re authorized to work in the U.S.

We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, sex, religion, age, disability, veteran status, or any other category protected by applicable law.