Staff Security Engineer

About Pomelo Care

Pomelo Care is a multi‑disciplinary team of clinicians, engineers and problem solvers who are passionate about improving care for moms and babies. We are transforming outcomes for pregnant people and babies with evidence‑based pregnancy and newborn care at scale. Our technology‑driven care platform enables us to engage patients early, conduct individualized risk assessments for poor pregnancy outcomes, and deliver coordinated, personalized virtual care throughout pregnancy, NICU stays and the first postpartum year. We measure ourselves by reductions in preterm births, NICU admissions, c‑sections and maternal mortality, and we improve outcomes and reduce healthcare spend.

Job Overview

Pomelo Care is seeking an experienced cybersecurity engineer to mature our security practices and contribute to our mission to ensure that our patients, clinicians and partners trust us implicitly. This is an exciting opportunity for someone who shares our commitment to information security to be part of a fast‑paced environment that will push you to learn while doing.

What You’ll Do

As a Staff Security Engineer at Pomelo Care, you’ll be a key player in shaping our security posture, safeguarding sensitive healthcare data and enabling our engineering teams to build secure and compliant products. This role requires a versatile generalist with deep technical expertise, excellent software engineering fundamentals and the agility to thrive in a startup environment.

Key Responsibilities

• Lead and execute critical cybersecurity initiatives, spanning areas such as IAM / RBAC, Application Security, Cloud Security, Endpoint Security, CI / CD and supply chain security, SAST / DAST tooling, penetration testing, bug bounty management, Incident Response, DFIR and SaaS security.
• Develop and implement security solutions and frameworks that proactively mitigate risks and address evolving threats.
• Collaborate cross‑functionally with engineering, product, compliance and executive teams to drive adoption of security best practices.
• Own and continuously improve secure software development lifecycle (SDLC) processes and tools.
• Serve as a subject matter expert and mentor, guiding and educating teams on cybersecurity principles, secure coding and threat modeling.
• Participate directly in incident response activities, investigations and post‑incident analysis.
• Demonstrate humility, entrepreneurial spirit, strong communication skills and comfort contributing to a dynamic, cross‑functional environment.

Qualifications

Why Join Us

By joining Pomelo, you will get in on the ground floor of a fast‑moving, well‑funded, and mission‑driven startup that always puts the patient first. You will learn, grow and be challenged—and have fun with your team while doing it.

Benefits

Diversity & Inclusion

We strive to create an environment where employees from all backgrounds are respected. At Pomelo, we are committed to hiring the best team to improve outcomes for all mothers and babies, regardless of their background. We value people from a variety of backgrounds, including but not limited to race, age, sexual orientation, gender identity and expression, national origin, religion, disability and veteran status.

Compensation

Our salary ranges are based on paying competitively for our company’s size and industry, and are part of the total compensation package that also includes equity, benefits and other opportunities at Pomelo Care. In accordance with New York City, Colorado, California, and other applicable laws, Pomelo Care is required to provide a reasonable estimate of the compensation range for this role. A reasonable estimate of the current salary range is $200,000 to $220,000. We expect most candidates to fall in the middle of the range.

Potential Fraud Warning

Please be cautious of potential recruitment fraud. With the increase of remote work and digital hiring, phishing and job scams are on the rise with malicious actors impersonating real employees and sending fake job offers in an effort to collect personal or financial information. Pomelo Care will never ask you to pay a fee or download software as part of the interview process. We will never ask for your personal banking or other financial information until after you have signed an offer of employment and completed onboarding paperwork that is provided by our People Operations team. All official communication with Pomelo Care People Operations team will come from domain email addresses ending in @pomelocare.com. If you receive a suspicious message, pause communication and contact us directly at careers@pomelocare.com to confirm its legitimacy. For your safety, we also recommend applying only through our official Careers page. If you believe you have been the victim of a scam or identity theft, please contact your local law enforcement agency or another trusted authority for guidance.

Contact

For inquiries, email careers@pomelocare.com.

#J-18808-Ljbffr