Senior Security Engineer at prahsys.com – The Woodlands, Texas

About PrahsysPrahsys is a dynamic healthcare-focused company committed to driving growth and innovation in the healthcare industry. We collaborate with leading healthcare organizations to enhance their products and amplify their market presence. With over 50 years of combined experience, our team brings deep insights into real-world practitioner challenges, allowing us to craft solutions that seamlessly integrate with existing platforms.
The opportunity is vast, with over 1,400 medical software companies in the market. We aim to put our cutting-edge products in the hands of millions of practitioners, offering tools that not only boost revenue but also optimize workflows—making the medical office more efficient and significantly reducing the administrative load on front office staff.
The healthcare industry is on the brink of a transformation, and Prahsys is here to lead the way. The future of healthcare is bright. Join us as we embark on this exciting journey to modernize the industry and deliver the next generation of healthcare solutions.
About the JobAs a Lead Security Engineer at Prahsys, you will be responsible for designing, implementing, and overseeing security strategies to safeguard our products, infrastructure, and data. Initially, you will be hands-on in building security architecture and frameworks, and over time, transition into a leadership role overseeing other security engineers. You will work closely with product teams, influencing architecture decisions and ensuring secure development practices.
Your primary responsibilities will include securing cloud infrastructure, enhancing CI/CD security, performing threat modeling, and implementing security automation. You will also oversee application security, conduct risk assessments, manage vulnerability remediation, and ensure compliance with industry regulations such as HIPAA, SOC-2, and PCI-DSS.
Responsibilities

• Lead and develop security strategies for infrastructure, application, and cloud security.
• Architect and implement security frameworks for other engineers to follow.
• Secure cloud infrastructure (Google Cloud Platform) and containerized environments (Docker).
• Improve CI/CD security, integrating SAST, DAST, and security automation.
• Conduct threat modeling, risk assessments, and penetration testing.
• Ensure secure software development practices, performing security code reviews.
• Oversee vulnerability management, incident response, and security monitoring.
• Manage a team of 2-8 security engineers, providing technical mentorship and oversight.
• Establish security policies, best practices, and compliance standards (HIPAA, SOC-2, PCI-DSS).
• Collaborate daily with product teams to integrate security into architecture and implementation.
• Work autonomously, making strategic security decisions while reporting to the CTO.

Preferred Qualifications

• 8+ years of relevant experience in security engineering.
• Experience leading security teams and mentoring engineers.
• Background in fintech or other highly regulated industries.
• Familiarity with DevSecOps principles and secure software development lifecycle (SSDLC).
• Experience with security orchestration and automation tools.
• Cloud Security: Strong expertise in Google Cloud Platform (GCP).
• Container Security: Experience securing Docker environments.
• Software Development: Hands-on programming experience across multiple languages such as DotNet, Node.js, Python, Go, and Rust (preferred).
• Security Automation & Tooling: Ability to develop security frameworks and automate security processes.
• Application Security: SAST, DAST, and manual penetration testing.
• Threat Modeling & Risk Assessments: Proficiency in identifying and mitigating security threats.
• Compliance & Regulations: Experience with HIPAA, SOC-2 (required) and PCI-DSS (preferred).

Minimum Qualifications

• 5+ years of hands-on security engineering experience.
• Strong expertise in GCP & Docker security.
• Proven programming experience in multiple languages (e.g., Node.js, Python, Go, DotNet).
• Hands-on experience with security assessments, penetration testing, and vulnerability management.
• Knowledge of compliance frameworks such as HIPAA and SOC-2.

Our Tech Stack

• Frontend: React, Typescript, Next.js
• Backend: Node.js, Laravel, Python
• Database: PostgreSQL
• AI/ML: TensorFlow
• Cloud/Hosting: Google Cloud, Vercel, Laravel Forge, Envoyer

Why Join Prahsys?At Prahsys, we are committed to building cutting-edge fintech solutions with security at the core. As our Lead Security Engineer, you will shape the security culture, influence strategic decisions, and have full autonomy in driving security initiatives. You’ll work in a fast-paced, highly collaborative startup environment, solving complex challenges while protecting critical financial and personal data.If you are passionate about security, automation, and leading high-impact security initiatives, we’d love to hear from you!
Perks & Benefits

• Remote-first work environment
• Competitive compensation package
• Top-tier health, dental & vision coverage
• Company-issued equipment
• Home office & equipment stipend
• Paid vacations with the Prahsys team
• Unlimited PTO