Senior Software Engineer, Security

About NexHealth

Our healthcare system remains frustratingly analog. When you live in a world of one-tap car rides, instant meal delivery, and unlimited streaming, why do you still have to call to schedule a doctor’s appointment and fill out a clipboard in the waiting room?

NexHealth’s mission is to accelerate innovation in healthcare by connecting patients, providers, and developers. We’re building the infrastructure layer for modern healthcare, connecting thousands of fragmented, on-premise, and closed EHR systems into a single, modern platform that powers software, APIs, payments, and patient experiences across the ecosystem.

• Founded: 2017

• Headquarters: San Francisco, CA

• Funding: $177M Series C

• Employees: 200+

• Trusted by tens of thousands of providers and hundreds of health-tech developers — forging the infrastructure layer that modern healthcare needs

About the Role

We're hiring a Senior Software Engineer, Security to own application security across our product platform — APIs, integrations, payments infrastructure, and the developer ecosystem built on top of our Synchronizer.

This is a hands-on engineering role, not a compliance or audit function. You'll write code, design secure systems, review architecture, and embed security into the way we build — working directly alongside product engineering teams from the earliest stages of design. Data is at the center of everything we do, which means the security bar here is high and the work is meaningful. Moreover as a health tech company, we have the highest levels of responsibility towards safeguarding patient and customer data across all the facilities and services NexHealth provides.

You'll report to engineering leadership and work closely with both product and platform teams.

What You’ll Do

• Design and build secure systems across our APIs, EHR integrations, payments infrastructure, and SaaS products

• Lead threat modeling and security design reviews for new features — embedded in the development process, not bolted on at the end

• Identify and remediate vulnerabilities in application code, dependencies, and infrastructure

• Improve authentication, authorization, and access control systems across our platform (OAuth, RBAC, service-to-service auth)

• Integrate and maintain security tooling in our CI/CD pipelines — SAST, DAST, dependency scanning

• Contribute to secure coding standards, internal libraries, and developer-facing security frameworks

• Support HIPAA and SOC 2 compliance through strong system design and documentation

• Help raise the security bar across the engineering org through code reviews, education, and pairing with developers

What You’ll Bring

• 5+ years of software engineering experience, with 1–3+ years focused on application or product security

• Experience building and securing backend systems in Python, Go, Java, or similar languages

• Solid understanding of common vulnerabilities and mitigations (OWASP Top 10 and beyond)

• Hands-on experience securing APIs and implementing authentication/authorization systems (OAuth 2.0, JWT, RBAC)

• Experience working in cloud environments — we run on AWS and Google Cloud

• Familiarity with security tooling: SAST, DAST, dependency scanning

• Bachelor's degree in Computer Science, Engineering, or equivalent practical experience

Compensation

Actual salaries will vary depending on factors including but not limited to location, experience, and performance. The range listed is just the base salary component of NexHealth’s total compensation package for employees. Other benefits may include stock options, an unlimited paid time off policy, and up to 100% coverage on medical, vision and dental insurance.

NexHealth Compensation Range

$165,000—$230,000 USD

Benefits

• Full Medical, Dental, and Vision (up to 100% covered)

• 401K and commuter benefits

• Flexible PTO

• High-impact work that directly improves the healthcare experience for millions

Our Values

• Solve the customer’s problems, not yours
When making decisions, think from the perspective of the customer. It’s easy to make decisions that make our lives simpler, but not the customers.

• Do the things others are not willing to do
As a Nexer, always go after the hardest problems. Pursue things at the highest quality. Move at the fastest pace.

• Take ownership
Act like a founder. Own your roles, destinies, mistakes, behavior, and our mission. The buck stops with each of us - no blaming or excuses.

• Say what’s on your mind, with positive intent
Be direct, proactive, transparent, and frequent in your communication.

• Default trust
As a Nexer, you do not have to earn trust, trust is given to you by default. If we by default trust each other, our speed of communication, feedback, information sharing, and overall improvements will be a lot faster.

• Think in first principles
We first identify the problem and then break it down to its fundamentals before diving into solutions. We constantly ask “why” to validate our assumptions.

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We provide reasonable accommodation for individuals with disabilities to participate in the application or interview process. Contact [email protected] to request assistance.