Distinguished Security Engineer

Our mission is to SAVE AND IMPROVE LIVES BY EMPOWERING HEALTHCARE CONSUMERS. Come be part of remarkable.

How you can make a difference

The Distinguished Security Architect will work with stakeholders across the organization to ensure that systems, processes, and technologies are designed securely to meet the enterprise's business goals and objectives. This role involves maintaining and updating the enterprise's security architecture, communicating the architecture to stakeholders, and ensuring alignment with the enterprise's overall strategy.

What you'll be doing

Champion secure-by-design principles across architecture, engineering, and product teams.
• Define and evolve the enterprise security architecture framework with a focus on application and cloud-native security.
• Lead the development of security reference architectures and threat models for critical systems and services.
• Provide expert guidance on secure software development practices, including secure coding, dependency management, and CI/CD pipeline hardening.
• Drive adoption of modern application security practices such as zero trust, least privilege, and defense-in-depth.
• Collaborate with engineering and product teams to ensure security is integrated early in the SDLC (shift-left).
• Partner with platform and infrastructure teams to ensure secure configuration and operation of cloud-native services, especially in Azure.
• Influence enterprise-wide technology decisions by evaluating emerging security technologies and frameworks.
• Mentor architects, engineers, and developers on secure design patterns and threat mitigation strategies.
• Collaborate with compliance and risk teams to ensure alignment with regulatory and industry standards (e.g., NIST, ISO 27001, OWASP).
• Contribute to security incident response planning and postmortem analysis to improve architectural resilience.
• Engage with innovation teams to evaluate the security implications of emerging technologies, including AI/ML, APIs, and microservices.

What you will need to be successful

• Bachelor's degree in CS / Engineering or equivalent experience.
• 10+ years of experience working as a security engineer with a focus on Azure platform security.
• 10+ years of experience with .Net core, C#, node.js, TypeScript, Swagger.
• 5+ years experience in security transformations from on-premises to public cloud.
• 5+ years experience with Financial-grade API, cloud-native computing, service mesh.
• 5+ years' experience executing product security strategy in a highly regulated environment.
• Expertise in secure software development lifecycle (SSDLC) and DevSecOps practices.
• Strong knowledge of OWASP Top 10, threat modeling, and secure design patterns.
• Familiarity with modern development stacks (.NET Core, Node.js, TypeScript, etc.).
• Deep understanding of Azure security services (e.g., Azure Policy, Defender for Cloud, Key Vault, AKS).
• Excellent communication and stakeholder engagement skills.
• Ability to translate complex security concepts into actionable guidance for technical and non-technical audiences.
• CISSP, CSSLP, Azure Security Engineer Associate, or equivalent.

#LI-Remote

This is a remote position.

The actual compensation offer is determined based on job-related knowledge, education, skills, experience, and work location. This position will be eligible for performance-based incentives and restricted stock units as part of the total compensation package, in addition to a full range of benefits including:

• Medical, dental, and vision

• HSA contribution and match

• Dependent care FSA match

• Uncapped paid time off

• Paid parental leave

• 401(k) match

• Personal and healthcare financial literacy programs

• Ongoing education& tuition assistance

• Gym and fitness reimbursement

• Wellness program incentives

Why work with HealthEquity

HealthEquity has a vision that by2030 we will make HSAs as wide-spread and popular as retirement accounts. We are passionate about providing a solution that allows American families to connect health and wealth. Join us and discover a work experience where the person is valued more than the position. Click here to learn more.

You belong at HealthEquity!

HealthEquity, Inc. is an equal opportunity employer, and we are committed to being an employer where no matter your background or identity - you feel welcome and included. We ensure equal opportunity for all applicants and employees without regard to race, age, color, religion, sex, sexual orientation, gender identity, national origin, status as a qualified individual with a disability, veteran status, or other legally protected characteristics. HealthEquity is a drug-free workplace. For more information about our EEO policy, or about HealthEquity's applicant disability accommodation, drug-free-workplace, background check, and E-Verify policies, please visit our Careers page.

HealthEquity uses Microsoft Copilot to transcribe screening interviews between candidates and their direct Talent Partner for note taking and interview summaries. By scheduling a screening interview with us, you consent to Microsoft Copilot's AI technology recording and transcribing your interview with your Talent Partner. This information will be reviewed for accuracy and then used by HealthEquity to summarize the interview, ensure accuracy, and facilitate our hiring process. We take privacy seriously. You have the option to opt out. If you wish to opt out of this Microsoft Copilot transcription, please notify your Talent Partner in advance of the interview. If we do not receive an opt-out request from you, we will assume that you consent to the use of Microsoft Copilot.

HealthEquity is committed to your privacy as an applicant for employment. For information on our privacy policies and practices, please visit HealthEquity Privacy.