Lead Security Engineer
23 Oct 2025
Ottawa, ON, Canada
Verified by Turrior
Content + Source + Freshness • 12 Dec 2025 • 95% confidence
87 / 100
Offer value
High value due to the seniority of the position in a reputable health tech company, with a comprehensive focus on security in healthcare.
- Leadership role in a health tech company
- Flexible working options and generous PTO
- Strong focus on healthcare security and compliance
- Requires significant industry experience (7+ years)
Pros
- Leadership role in a growing health tech company
- Impactful role driving security initiatives in healthcare data
- Flexibility with workplace choices and generous benefits
Cons
- Requires extensive experience in security frameworks and application security
- High pressure to meet security standards in a sensitive industry
- Potentially limited scope for creativity in established frameworks
Who it's for
Senior / Lead • Hybrid / Remote
Good fit
- Senior security professionals
- Individuals passionate about healthcare technology
- Candidates with a strong collaborative approach
Not recommended for
- Entry-level security practitioners
- Candidates looking for strict office environments
- Those uncomfortable with compliance-intensive work
Motivation fit
Desire to contribute significantly to healthcare securityInterest in developing innovative security practicesEagerness to collaborate across various teams to drive security initiatives
Key skills
Application security and risk managementKnowledge of health data protection regulationsAbility to implement security during product development
Score: 87/100 AI verified analysis
About the job
About Fullscript
Founded in 2011, Fullscript started by solving one problem: helping practitioners access and prescribe the products they trust to deliver integrative care.
What began as a simple solution has evolved into a health intelligence platform that powers every part of care.
Today, 125,000 practitioners rely on Fullscript for clinical insights, lab interpretations, patient analytics, education, and access to high-quality supplements. They support over 10 million patients who use Fullscript to stay connected to their care plans, making it easier to stay engaged and follow through on treatment.
We build tools that make care smarter and more human. Tools that save time, simplify decisions, and strengthen the connection between practitioner and patient. When everything practitioners need is in one place, they can focus on what matters most: helping people get better.
🎟️ This is your invitation.
Bring your ideas. Bring your grit. Bring your care for people.
Join us and shape the future of care.
The Role
As the Lead Security Engineer, you will be leading and maturing our efforts in delivering a modern and secure user experience and effective risk management. You will join a Security team that’s responsible for DevSecOps, AppSec, GRC, security operations, and incident response. You will have the opportunity to make a difference on a wide array of security challenges and solve interesting problems along the way.
What You'll Do:
- Drive security initiatives ensure security is considered from design through implementation.
- Effectively utilize threat model to inform application design decisions.
- Perform security code review to validate vulnerabilities, exploitabilities, and adherence to security best practices.
- Triage application vulnerabilities and recommend remediation strategies.
- Purple team our application and demonstrate attack vectors.
- Improve security processes and tooling automation.
- Optimize security processes using SLAs, severity frameworks, and remediation protocols.
What you bring to the table:
- Demonstrated success delivering application security programs.
- Experience partnering with cross-organizational teams to drive security initiatives.
- Experience with engineering focused remediation and mitigation strategies against security vulnerabilities.
- Experience with with product engineering and security engineering.
Additional experience we value:
- Experience with hardening/security best practices for AWS, Kubernetes, CI/CD Pipelines, IaC, Terraform, CloudFormation
- Experience with protecting / hardening of health data.
- Experience securing Ruby on Rails, Javascript, GraphQL applications.
- Experience with pen-test software (Burpsuite).
- Understanding of industry frameworks (SOC2, PCI, HIPAA, HITRUST, NIST).
What we can offer you
- Generous PTO and competitive pay.
- Fullscript’s RRSP match program for financial health.
- Flexible benefits package and workplace wellness program.
- Training budget and company-wide learning initiatives.
- Discount on Fullscript catalog of products.
- Ability to work Wherever You Work Well
Why Fullscript
Great work happens when people feel supported, trusted, and inspired. You’ll join a team that:
⬦ Values innovation. We stay curious and keep finding smarter ways to make care better.
⬦ Supports growth. We learn together and take on new challenges that drive impact.
⬦ Puts people first. We win as a team and leave egos at the door.
📌 Apply now. Let’s build the future of healthcare together.
A Few Things to Know
We’re grateful for the high level of interest in joining Fullscript. Because of the number of messages we receive, we’re not able to review or respond to individual inquiries about open roles via email, LinkedIn, or other social platforms. Please apply directly through our careers page to ensure your application reaches our hiring team.
Fullscript is an equal opportunity employer committed to creating an inclusive workplace. Accommodations are available upon request. Email accommodations@fullscript.com for support.
All employment offers are contingent upon the successful completion of background checks, conducted in compliance with applicable federal, state, and provincial laws.
We also use AI tools to support parts of our hiring process, like screening and reviewing responses. Final decisions are always made by people. This process complies with privacy and employment laws across Canada and the U.S.
Learn More About Fullscript
💬 @fullscriptHQ on instagram
