Information Security Engineer

About The Position

Requirements

• 7+ years of information security experience in production environments
• Healthcare or fintech background required—you understand regulated industry security requirements
• Hands-on technical ability, not just policy and paperwork—you can read code, configure systems, and investigate incidents
• Deep experience with SOC 2, HIPAA, or equivalent compliance frameworks
• Familiarity with AWS security controls, IAM, encryption, and cloud security best practices
• Strong communicator who can translate security requirements for technical and non-technical audiences
• Proactive problem-solver who anticipates risks before they materialize
• Collaborative partner who enables teams to move fast while staying secure

Nice To Haves

• CISSP, CISM, CISA, or equivalent security certification
• Experience with health information exchanges, TEFCA, QHIN, or interoperability standards
• Startup security experience—building security programs from scratch vs. maintaining established ones
• Familiarity with AI/ML security considerations and model protection
• Experience with mobile app security (iOS/Android)
• Knowledge of medical device security standards or FDA digital health guidance
• Background in application security, secure SDLC, or DevSecOps

Responsibilities

• Maintain SOC 2 Type II compliance and manage ongoing audits with external assessors
• Implement and monitor HIPAA technical safeguards across our infrastructure and applications
• Conduct and coordinate regular penetration testing, vulnerability assessments, and security reviews
• Complete vendor security reviews and respond to enterprise security questionnaires from health systems and payers
• Implement and enforce security policies across engineering, operations, and business teams
• Respond to security incidents with urgency and thoroughness, conducting post-incident analysis
• Build security automation and monitoring to scale protection as the company grows
• Collaborate with engineering teams to embed security best practices into the development lifecycle
• Stay current on emerging threats, vulnerabilities, and regulatory requirements in healthcare technology

Benefits

• Equity Opportunities Share in Doctronic's growth as we transform healthcare with AI.
• Comprehensive Health Benefits We offer comprehensive health, dental, and vision coverage—plus mental health support and flexible time off—because caring for others starts with caring for ourselves.
• Building AI That Matters Join Doctronic and work with cutting-edge AI that's transforming healthcare and helping people make faster, smarter decisions.