Security Engineer - Application Security & Identity

Realchemistry · Remote
$60K–$80K/yr · Full-time · Remote · Today
Tags: Application Security, AWS, CI/CD, Classification, Cloud Security, Compliance


Responsibilities

  • Conduct security reviews of internally developed applications, including:
      • Data flow validation
      • Security control design and implementation
      • Secrets handling
      • AI/LLM Data Loss Prevention (DLP)
  • Co-lead production readiness reviews for strictly governed environments:
      • Threat modeling
      • Hardening validation
      • Compliance mapping (SOC 2 and contractual and regulatory requirements)
  • Define and enforce identity architecture:
      • Corporate identity: Entra ID
      • Workload identity: AWS IAM and GitHub OIDC
  • Define and manage GitHub native security controls:
      • GitHub Advanced Security (CodeQL / SAST)
      • Dependabot (dependency scanning)
      • Secret scanning
      • Branch protection and environment controls
  • Establish standards for security tooling:
      • SAST (CodeQL, Semgrep)
      • SCA (Dependabot, Snyk)
      • Container scanning (Trivy, ECR scanning)
      • Infrastructure as Code (IaC) policy (OPA, Sentinel, tfsec)
  • Define AWS security standards:
      • IAM design and least-privilege access
      • Logging and audit requirements
      • Secrets management and rotation
  • Scope and coordinate third-party penetration testing
  • Maintain audit logging maturity per environment requirements:
      • Baseline logging
      • User-level activity tracking
      • Tamper-evident audit trails with SIEM integration
  • Perform initial triage and risk classification within time requirements for critical issues identified in intake (data exposure, credentials, regulatory risk).
  • Partner with DevOps Engineering to ensure security policies are implemented in pipelines and infrastructure
  • AI Security & Usage Governance:
      • Define approved AI providers and usage boundaries
      • Establish prompt data classification and handling policies
      • Enforce human-in-the-loop requirements where appropriate
      • Define cost/spend guardrails for AI services

Required Qualifications

  • 5+ years (or 3-5+ in high-growth environments) in cloud security, 2 of which should be focused on application security
  • Hands-on security experience with:
      • AWS IAM
      • SAML / OIDC federation
      • GitHub security tooling
  • Experience with threat modeling and coordinating penetration testing
  • Familiarity with SOC 2, GDPR, and HIPAA-adjacent controls
  • In-depth understanding of the risk lifecycle

Requirements

  • Experience securing GitHub-based CI/CD pipelines
  • Experience in AWS native environments
  • Exposure to regulated industries (GxP, 21 CFR Part 11)
  • Security certifications (CISSP, CCSP, OSCP, GIAC, etc.)
  • Associate's degree or higher
  • Experience bringing low-code or AI-generated applications under enterprise security controls

Pay Range: $60,000-$80,000

Real Chemistry is proud to be Great Place to Work® certified; check out what our people shared about our culture and workplace on our Great Places to Work Profile here.

We believe we can do our best when feeling our best, which is why we've put together a benefits program designed to give you the s

Benefits

  • Health insurance
  • Remote work options

Additional Information

At Real Chemistry, making the world a healthier place isn't just an aspiration - it's our everyday reality. Our drive to transform healthcare is informed by our blend of deep scientific expertise, human-centred creativity, and AI-driven insights, fostering a unique environment where innovation thrives and our people are impact-obsessed. As a global agency, we provide a full suite of services across healthcare communications and marketing to our clients, including top players in the pharmaceutical and biotech industries. Our #LifeatRealChem culture is rooted in our people - we believe we are best together and are committed to excellence for both our clients and colleagues. Whether you're a seasoned professional or just starting your career, if you share our passion for healthcare and connection, we invite you to explore our opportunities. Discover your purpose. Embrace innovation. Experience #LifeatRealChem.

Security Engineer - Application Security & Identity

Function: Information Security
Reports to: Head of Security

Role Summary

Owns application security across multiple environments, each with increasing control and compliance requirements. Acts as reviewer for the least complex environments and co-reviewer for higher complexity and controlled environments. Defines and enforces security controls across AWS hosted workloads and GitHub based development pipelines while maintaining independent review authority. Applications originate as AI-assisted prototypes and require structured security validation before enterprise production deployment.

This is a hybrid role, based in any of our US offices - including New York City, Boston, Chicago, Carmel, or San Francisco - or remotely within the US, depending on team and business needs.

