Let’s get started
By clicking ‘Next’, I agree to the Terms of Service
and Privacy Policy
Jobs / Job page
Staff Software Engineer, Security image - Rise Careers
Job details

Staff Software Engineer, Security

Dandy is transforming the massive ($200B) but antiquated dental industry. Backed by some of the world's leading venture capital investors, we are on an ambitious mission to integrate and simplify every function of the dental practice through technology. By building the operating system for every dental office in America, Dandy is empowering dentists with technology, innovation, and world-class support to achieve more for their practice, their people, and their patients.

About the Team

We are offering a distinct opportunity: the chance to be our first dedicated security leader and help establish the formal security and compliance function for our growing dental tech platform.

We have a modern tech stack powering our business, but we need an expert like you to build out the security strategy, mature our processes, implement the right tooling, and foster a strong security culture. This is your opportunity to take a leadership role with high autonomy and resources, integrating best practices within a rapidly growing organization. You'll be a key security authority, tackling crucial challenges around protecting sensitive patient data (HIPAA compliance is critical), securing our cloud infrastructure, and embedding robust security within a fast-paced development lifecycle.

If you're motivated by significant ownership, making a tangible impact quickly by bringing structure and expertise, and building a mature security posture for a growing company poised for significant impact, this role provides that unique combination.

What You’ll Do

  • Formalize and lead the end-to-end vulnerability management program, implementing appropriate tools, automation, and remediation processes.

  • Establish and manage our security compliance program, ensuring robust adherence to HIPAA and other relevant standards through policy development, assessments, and audits.

  • Assess, select, implement, and manage core security infrastructure and tooling tailored to our cloud environment.

  • Develop and lead Dandy's security incident response capability, ensuring readiness and effective management.

  • Define, own, and drive the company's security strategy and roadmap, acting as the key security voice to engineering and executive leadership.

What We’re Looking For

  • 8+ years of progressive cybersecurity experience with a proven track record of leading impactful security initiatives or maturing security programs.

  • Deep strategic and hands-on expertise across security domains, especially vulnerability management, compliance (HIPAA expertise highly valued), and cloud/application security.

  • Experience assessing existing environments and implementing effective security controls and processes.

  • Proven success in leading incident response and conducting thorough risk assessments.

  • Strong analytical skills, excellent communication to champion security across the company, and the drive to operate autonomously and build out a critical function.

  • Adaptability to apply security principles effectively in a fast-paced, high-growth startup environment.

Bonus Points

  • Deep experience within the healthcare technology sector and implementing HIPAA controls.

  • Proven experience integrating security effectively into CI/CD and DevSecOps workflows.

  • Strong scripting/automation skills (Python, Go, etc.) for security contexts.

  • Relevant industry certifications (CISSP, CISM, OSCP, cloud security).

  • Experience helping an organization scale its security practices during rapid growth.

For full time positions, we offer a wide range of best in class, comprehensive and inclusive employee benefits including healthcare, dental, parental planning, mental health benefits, a 401(k) plan, and paid time off.

Dandy is proud to be an equal-opportunity employer. We are committed to building a diverse and inclusive culture that celebrates authenticity to win as one. We do not discriminate on the basis of race, religion, color, national origin, gender, gender identity, sexual orientation, age, marital status, disability, protected veteran status, citizenship or immigration status, or any other legally protected characteristics.

Dandy also fully complies with the Americans with Disabilities Act (ADA). We are dedicated to embracing challenges and creating an accessible, inclusive workplace for all individuals. If you require any accommodations for your interview or have any questions beforehand, rest assured that we will do everything we can to meet your needs. Visit Dandy Careers for more!

Average salary estimate

$150000 / YEARLY (est.)
min
max
$120000K
$180000K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About Staff Software Engineer, Security, Dandy

Dandy is on a transformative mission to reshape the $200 billion dental industry using technology, and we’re looking for a passionate Staff Software Engineer, Security to lead the charge! As our first dedicated security leader, you're not just another cog in the wheel; you will be pivotal in establishing and refining our security and compliance functions for a cutting-edge dental tech platform. This role is packed with excitement and challenges as you'll have the autonomy to craft our security strategy, implement essential tools, and foster a security-driven culture. Your expertise will help protect sensitive patient data while ensuring compliance with standards like HIPAA. You'll manage everything from vulnerability management programs to security incident responses, all integrated within a fast-paced development lifecycle. With your significant ownership, you’ll tackle crucial issues and embed robust security practices that will directly impact our growth and mission to empower dentists across America. Dandy is not just about building an operating system for every dental office; it’s about creating an innovative, secure environment where they can thrive. If you’re ready to make a meaningful impact in a dynamic startup setting, we would love to hear from you!

Frequently Asked Questions (FAQs) for Staff Software Engineer, Security Role at Dandy
What are the main responsibilities of a Staff Software Engineer, Security at Dandy?

As a Staff Software Engineer, Security at Dandy, your primary responsibilities will encompass formalizing and leading the end-to-end vulnerability management program, ensuring compliance with HIPAA and other relevant standards, managing security infrastructure tailored to our cloud environment, and developing our security incident response capability. This position allows you to act as a key security voice within our engineering and executive leadership teams, shaping the future of our security strategy.

Join Rise to see the full answer
What qualifications are required for the Staff Software Engineer, Security position at Dandy?

To be a successful candidate for the Staff Software Engineer, Security role at Dandy, you should have at least 8 years of progressive cybersecurity experience, demonstrating a track record of leading impactful initiatives. Strong expertise in vulnerability management, compliance—especially HIPAA—and cloud/application security is essential. You’ll also need excellent analytical skills, communication abilities, and a proven track record in incident response.

Join Rise to see the full answer
How can a candidate prepare for the interview for the Staff Software Engineer, Security role at Dandy?

Candidates preparing for the Staff Software Engineer, Security interview at Dandy should familiarize themselves with HIPAA compliance requirements, vulnerability management strategies, and cloud security best practices. Additionally, showcasing your experience in leading security initiatives and articulating your problem-solving approach will help you stand out. Having practical examples of how you've integrated security into development processes will also be beneficial.

Join Rise to see the full answer
What makes Dandy an exciting place to work for a Staff Software Engineer, Security?

Dandy offers a unique opportunity for a Staff Software Engineer, Security because you will be at the forefront of transforming the dental industry through innovation and technology. You'll have a significant impact on building mature security practices in a high-growth startup environment where your ideas will be valued, and you'll have the autonomy to implement real change. Additionally, Dandy is committed to fostering a diverse and inclusive workplace, making it an attractive employer.

Join Rise to see the full answer
What benefits does Dandy offer for full-time Staff Software Engineer, Security positions?

For full-time Staff Software Engineer, Security positions, Dandy provides an extensive range of competitive benefits, including comprehensive healthcare, dental plans, parental planning resources, mental health support, a 401(k) plan, and generous paid time off. These benefits reflect Dandy’s commitment to nurturing the well-being of its employees and creating an inclusive work culture.

Join Rise to see the full answer
Common Interview Questions for Staff Software Engineer, Security
Can you describe your experience with vulnerability management?

When answering this question, emphasize specific instances where you have developed and led vulnerability management programs. Discuss the tools you implemented, the automation strategies you used, and how you prioritized vulnerabilities based on risk assessment.

Join Rise to see the full answer
How do you stay current with the latest security threats and compliance regulations?

Demonstrate your dedication to continuous learning by discussing how you follow industry news, participate in webinars, engage with professional security groups, or attend conferences. Mention any certifications you are pursuing that keep you informed.

Join Rise to see the full answer
What strategies would you implement to foster a security culture at Dandy?

Share your strategies for embedding security awareness deeply within an organization. Discuss training programs, regular communication, and hands-on workshops that can engage team members in security practices, illustrating past successes.

Join Rise to see the full answer
How would you respond to a security breach at Dandy?

Outline a structured response plan that includes immediate containment, investigation steps, and communication strategies. Highlight any relevant experiences where you managed a breach effectively, detailing what you learned and how you applied those lessons.

Join Rise to see the full answer
What tools do you consider essential for managing cloud security?

Identify specific tools you've successfully used in previous roles, such as AWS CloudTrail for monitoring or security information and event management (SIEM) systems for compliance. Articulate why these tools are effective and how they fit into a broader security strategy.

Join Rise to see the full answer
Can you explain the importance of HIPAA compliance for a tech company like Dandy?

Discuss HIPAA’s critical role in protecting patient information and how compliance directly impacts Dandy's trust with clients. Provide examples of measures that must be in place, such as encryption, secure access controls, and regular audits.

Join Rise to see the full answer
How do you balance security with the need for rapid development in a startup environment?

Explain the importance of integrating security practices into CI/CD pipelines and how doing so can maintain agility without compromising on security. Use specific examples of how you've implemented security in fast-paced environments.

Join Rise to see the full answer
What role does incident response play in a security strategy?

Discuss how incident response is critical for identifying, mitigating, and learning from security incidents. Share experiences that underscore the importance of preparedness and having a clear incident response plan.

Join Rise to see the full answer
How do you assess the effectiveness of security measures in a cloud environment?

Focus on metrics and evaluation methods, such as regular security assessments, penetration testing results, and compliance audits. Elaborate on the importance of iterative improvements based on these evaluations.

Join Rise to see the full answer
What are your long-term goals for the security strategy at Dandy?

Articulate your vision for evolving the security practices at Dandy over time. Discuss areas for growth, new technologies to adopt, and how you plan to continuously enhance the security posture as the company grows.

Join Rise to see the full answer
Similar Jobs
D
Dandy Remote No location specified
VIEW
Posted 9 days ago

Join Dandy in transforming the dental industry through innovation and operational excellence as a Senior Manager of Strategy & Operations.

D
Dandy Remote No location specified
VIEW
Posted 9 days ago

Join Dandy as an Engineering Manager II to lead a dynamic team in transforming the dental industry through cutting-edge technology.

Photo of the Rise User
Motive Remote Canada - Remote
VIEW
Posted yesterday
Badge Changemaker Badge Diversity Champion
Diversity of Opinions
Inclusive & Diverse
Collaboration over Competition
Growth & Learning
Mission Driven
Rapid Growth
Passion for Exploration
Empathetic
Feedback Forward
Medical Insurance
Dental Insurance
Vision Insurance
401K Matching
Life insurance
Maternity Leave
Paternity Leave
Paid Holidays
Paid Time-Off
Performance Bonus
Social Gatherings
Some Meals Provided

Join Motive as a Software Engineer to revolutionize financial transactions for a diverse client base using innovative technology.

Photo of the Rise User
Orion Innovation Remote Mexico, Mexico
VIEW
Posted 8 days ago

Orion Innovation seeks a skilled Senior Software Engineer with a focus on Python and customer experience, to join their talented remote team.

A
AZX Remote Seattle
VIEW
Posted 6 days ago

AZX is in search of innovative Software Engineers to create cutting-edge solutions that drive significant industry advancements.

Photo of the Rise User
OKX Remote San Jose, California, United States
VIEW
Posted 7 days ago
Badge Changemaker Badge Family Friendly

OKX is looking for a Staff Software Engineer to join their front-end development team and drive innovations in their crypto trading platform.

Photo of the Rise User
Waystar Hybrid Louisville, KY
VIEW
Posted 7 days ago

As a Mid-Level Application Engineer at Waystar, you will work collaboratively on innovative web applications that enhance the healthcare payments experience.

F
Fox Hybrid Los Angeles, California, USA
VIEW
Posted 6 days ago

Join Fox Corporation as a Software Engineer to innovate AI applications and contribute significantly to the future of entertainment technology.

Photo of the Rise User
Charles Schwab Remote US, Douglas County, CO; Colorado, Lone Tree, Douglas County, CO
VIEW
Posted 13 days ago

Schwab is seeking a seasoned zOS Systems Programmer to enhance system reliability and engage in innovative problem-solving within the finance industry.

Photo of the Rise User
Charles Schwab Remote US, Tarrant County, TX; Texas, Southlake, TX
VIEW
Posted 2 days ago

Join Schwab's Advisor Services Technology team as an Angular / .Net Developer to enhance digital solutions for our clients.

D Dandy

155 jobs
MATCH
Calculating your matching score...
FUNDING
DEPARTMENTS
SENIORITY LEVEL REQUIREMENT
TEAM SIZE
No info
HQ LOCATION
No info
EMPLOYMENT TYPE
Full-time, remote
DATE POSTED
April 8, 2025

Subscribe to Rise newsletter

Risa star 🔮 Hi, I'm Risa! Your AI
Career Copilot
Want to see a list of jobs tailored to
you, just ask me below!
Show me relevant jobs ASK RISA ✨
ABOUT RISE
FOR COMPANIES
REMOTE JOBS & MORE
LOOKING FOR A JOB?
FIND A JOB NEAR ME
POPULAR JOBS
Rise logo
Privacy Policy and Terms of Service
© 2021 Work Rise LLC. All rights reserved.
Proudly made in NYC.
CONNECT
Facebook Instagram LinkedIn Tiktok