Staff Software Engineer - Security

Dandy is transforming the massive and antiquated dental industry—an industry worth over $200B. Backed by some of the world’s leading venture capital firms, we’re on an ambitious mission to simplify and modernize every function of the dental practice through technology. As we expand our reach globally, Dandy is building the operating system for dental offices around the world—empowering clinicians and their teams with technology, innovation, and world-class support to achieve more for their practices, their people, and their patients.

About the Team

We're growing rapidly and are seeking a highly skilled and hands-on Staff Security Engineer to be our first dedicated security engineer. This is a unique opportunity to lay the technical groundwork for security, making a direct impact on protecting our platform and customer data from day one.

You'll have significant autonomy to select, implement, and manage security solutions, hunt for and remediate vulnerabilities, and be a key player in incident response. While you'll be our first security hire, your focus will be on deep technical execution and building out our defenses and security posture.

If you're passionate about building secure systems, thrive on technical challenges, enjoy a blend of proactive defense and reactive response, and want to apply your expertise to make a tangible difference in a fast-paced, growing company, this role is for you.

What You’ll Do

• Collaborate with engineering teams to design and implement secure application architectures, influencing the development of new features with security in mind from the start.

• Provide expert guidance on secure coding practices, API security, authentication/authorization patterns, and data protection throughout the software development lifecycle.

• Lead vulnerability management efforts, including identifying risks in applications and infrastructure (using both automated and manual methods), prioritizing findings, and coordinating remediation with engineering teams.

• Evaluate, select, and drive adoption of application and infrastructure security tools — such as SAST, DAST, SCA, container scanning, etc. — ensuring they are well integrated into developer workflows.

• Define and help implement incident response processes and playbooks; act as a senior technical contributor during incident investigations, supporting teams through forensics, containment, and recovery.

• Partner with the infrastructure team to establish guardrails and controls across GCP environments, including identity and access management, network security, and container hardening.

• Champion a security-first engineering culture by providing practical education, mentoring, and hands-on support to help teams build secure systems confidently and efficiently.

• We expect our security engineers to take ownership of their work — including writing, testing, and deploying secure code changes directly to production when appropriate.

What We’re Looking For

• 8+ years of progressive, hands-on experience in cybersecurity, with strong emphasis on application security, secure design, and vulnerability management.

• Deep understanding of web application and API security, including common vulnerabilities, secure software architecture, and threat modeling.

• Experience collaborating directly with software engineering teams to guide implementation of secure development practices and influence technical design decisions.

• Proven ability to lead technical efforts in vulnerability identification, triage, and remediation across both application code and cloud infrastructure.

• Hands-on experience implementing and operating security tooling as well as basic infrastructure level controls.

• Demonstrated experience leading or significantly contributing to security incident response efforts, including log and forensic analysis.

• Strong communication and collaboration skills; able to influence without authority and guide teams toward secure-by-default outcomes.

Bonus Points

• Experience securing services that handle sensitive data, like PHI, and an understanding of data protection principles.

• Proficiency in integrating security tools and practices into CI/CD pipelines (DevSecOps).

• Strong scripting/automation skills (e.g., Python, Bash, etc.) for security tasks.

• Relevant industry certifications (e.g., OSCP, GWAPT, GCSA, GCP Professional Cloud Security Engineer, CISSP – focusing on technical certs).

• Experience as an early or foundational security hire in a growing tech company.

Req ID: J-458

For full-time positions, Dandy offers a wide range of best-in-class, comprehensive, and inclusive benefits tailored to each country where we operate. Our local benefits packages typically include healthcare, dental, mental health support, parental planning resources, retirement savings options, and generous paid time off—ensuring our team members are supported no matter where they live and work.

Dandy is proud to be an equal-opportunity employer. We are committed to building a diverse and inclusive culture that celebrates authenticity to win as one. We do not discriminate on the basis of race, religion, color, national origin, gender, gender identity, sexual orientation, age, marital status, disability, protected veteran status, citizenship or immigration status, or any other legally protected characteristics.

Dandy also fully complies with the Americans with Disabilities Act (ADA). We are dedicated to embracing challenges and creating an accessible, inclusive workplace for all individuals. If you require any accommodations for your interview or have any questions beforehand, rest assured that we will do everything we can to meet your needs. Visit Dandy Careers for more!

Compensation Range: $221.1K - $268K