Our vision is to reduce the administrative burden on clinicians, freeing them to focus on delivering world-class care. By 2050, we aim for every clinician to practice with AI systems that increase the quality and accessibility of care to patients worldwide.
The Role
As a Senior Cloud Security Engineer, you will lead and scale our cloud security strategy as we build critical healthcare systems. You will be at the heart of our infrastructure and product security — embedding security into every layer of our cloud-native stack and helping us stay resilient, compliant, and one step ahead of threats.
* Design and implement security controls across our cloud infrastructure (AWS/GCP/Azure), networks, containers, and CI/CD pipelines.
* Drive adoption of security best practices across engineering teams — with a strong focus on automation, secure defaults, and developer enablement.
* Own and evolve threat detection and prevention strategies, leveraging tools like GuardDuty, AWS Config, CloudTrail, and other cloud-native services.
* Implement and manage application and supply chain security tooling (e.g., GitHub Advanced Security, Snyk, Trivy, Semgrep).
* Define and enforce IAM policies, secrets management, and service-to-service authentication standards. Lead security incident response and postmortems — build systems to reduce MTTR and improve detection fidelity.
* Collaborate with engineering, compliance, and legal to align infrastructure with frameworks like ISO 27001, SOC 2, and HIPAA.
* Contribute to security awareness and training initiatives across the organization.
* Participate in threat modeling, architecture reviews, and risk assessments.
* Support generation of automated audit evidence for compliance needs.
* Stay ahead of cloud security trends, zero-day threats, and new attack vectors — and continuously strengthen our defenses.
We are looking for a highly motivated individual with 6–8+ years of experience in security engineering, preferably with a background in cloud-native security. The ideal candidate will have a deep understanding of identity and access management, network segmentation, and cloud security architectures. Proficiency in programming/scripting languages such as Python, Go, or Bash is required.
Requirements
* Experience in regulated industries (healthtech, fintech, government).
* Background in offensive security or red/purple teaming.
* Knowledge of SBOM generation and software supply chain defense.
If you are a hungry, competitive, and highly motivated operator who has a knack for problem-solving and building relationships, we want to hear from you.