Staff Security Engineer

About Fullscript We’re an industry-leading health technology company on a mission to help people get better. We started in 2011 with one simple idea. Make it easier for practitioners to access the products they trust so they can deliver better care. That simple idea grew into a platform that powers every part of care. Today, more than 125,000 practitioners use Fullscript for clinical insights, lab interpretations, patient analytics, education, and access to high-quality supplements. Over 10 million patients rely on Fullscript to stay connected to their care plans and follow through on treatment. We build tools that make care smarter and more human. Tools that save time, simplify decisions, and help practitioners stay closely connected to the people they care for. When everything they need is in one place, they can focus on what matters most: helping people get better. This is your invitation. Bring your ideas, your grit, and your care for people. Join us and shape the future of care. Fullscript is seeking a seasoned Staff Security Engineer to join our security team as a senior technical leader. In this role, you’ll shape the technical vision for product and AI security across the organization, mentoring teammates and driving impact through deep technical expertise and cross-functional collaboration. What you'll do:

Lead the design and implementation of robust security architectures for Fullscript’s applications, and AI initiatives. 

Collaborate closely with engineering teams to embed security into the development lifecycle, including threat modeling, security coding practices, and design reviews.

Drive AI security best practices, ensuring responsible deployment, and mitigation of risks such as data poisoning, prompt injection, or model exploitation.

Mentor engineers and other security team members, fostering a culture of security awareness and technical excellence across the organization.

Conduct technical risk assessments, security research, and code reviews to proactively identify and remediate vulnerabilities. 

Influence cross-functional teams through technical leadership, helping define security standards and strategies that scale across Fullscript’s products and AI ecosystem. 

Stay ahead of emerging threats, attack vectors, and AI-specific security challenges to guide strategic decisions for the organization’s security posture.

What you bring to the table:

Deep technical expertise in application security, and secure software development.

Experience with AI/ML security.

Strong understanding of modern software architectures, cloud environments, and APIs.

Proven ability to influence and mentor engineers across teams, fostering security-first thinking and best practices.

Hands-on experience with security tooling and automation, including static/dynamic analysis, monitoring, and observability systems.

Strong problem solving skills, able to balance security rigor with product velocity.

Excellent communication and collaboration skills, able to translate complex security concepts to technical and non-technical stakeholders.

Experience with protecting / hardening of health data.

Experience securing Ruby on Rails, Javascript, GraphQL applications.

Familiarity with regulatory and compliance frameworks relevant to software and AI security is a plus (e.g. SOC 2, NIST).

What we can offer you:

Generous PTO and competitive pay.

Fullscript’s RRSP match program for financial health.

Flexible benefits package and workplace wellness program.

Training budget and company-wide learning initiatives.

Discount on Fullscript catalog of products.

Ability to work Wherever You Work Well*