Security Engineer (Digital Health)

Neurotrack Cognitive Function Test
Pittsburgh, PA
Remote

About The Position

Role Overview

As a HIPAA-compliant and SOC2-audited digital health company, security and privacy are baked into everything we do. We have solid systems in place and are ready to expand dedicated coverage for this critical work. This is a multi-faceted role spanning IT operations, device security, compliance, and cloud infrastructure - and we’re looking for someone who covers as many areas as possible, even if not every one at depth.

We’re an AI-first team. That means we work to amplify our capabilities with the best tools available — and we fully expect you to not only use AI in your work, but to help us build systems and workflows that use AI to support you as much as possible. If you want to lean into AI-supported IT, security, and cloud operations, this is a great fit.

Requirements

  • 3+ years of experience in IT security, cloud infrastructure, or a closely related role.
  • Hands-on experience with MDM and device management platforms (JumpCloud, Hexnode, or similar).
  • Experience with endpoint security tools such as CrowdStrike or equivalent.
  • Familiarity with identity and access management platforms (Auth0, Okta, or similar).
  • Working knowledge of SOC2 compliance frameworks and security controls.
  • Comfort with AWS services and cloud security fundamentals.
  • Clear written communication skills for documentation, questionnaires, and cross-team collaboration.
  • Proactive, self-directed approach — comfortable working independently in a fully remote environment.

Nice To Haves

  • Experience with Vanta or similar compliance automation platforms.
  • Background in HIPAA-regulated environments or digital health.
  • Experience completing or managing security questionnaires (SIG, CAIQ, VSAQ, etc.).
  • Networking fundamentals and VPN configuration experience (site-to-site, IPsec, BGP).
  • Experience with Infrastructure-as-Code (AWS CDK, CloudFormation, or Terraform).
  • Familiarity with GitHub security features: Dependabot, secret scanning, and branch protection rules.
  • Interest in AI-augmented workflows and enthusiasm for building AI-assisted tooling.
  • Penetration testing knowledge or experience managing third-party pen test engagements.

Responsibilities

  • Manage device security, MDM policies, and authentication for a fully remote team.
  • Administer and maintain our JumpCloud, Hexnode, CrowdStrike, and Auth0 environments.
  • Ensure devices have appropriate policies applied and assist staff with device-related issues.
  • Configure and maintain SSO connections for vendor products and services.
  • Own the security side of our SOC2 compliance posture, managed year-round through Vanta.
  • Conduct access reviews, manage vendor integrations and security reviews.
  • Ensure GitHub security rules are enforced and work with developers to resolve vulnerabilities as they arise.
  • Manage our annual penetration testing program and develop a proactive approach to web app and API security.
  • Take ownership of completing customer security questionnaires from our Head of Compliance.
  • Set up AI tooling to make questionnaire completion both efficient and consistently accurate.
  • Maintain an up-to-date library of responses that reflects our current security posture.
  • Set up and maintain site-to-site VPN connections between our AWS VPCs and customer networks.
  • Troubleshoot connectivity issues and ensure reliable, secure network configurations.
  • Support our AWS-native infrastructure and deployments across managed services.
  • Work with CDK, TypeScript, and GitHub Actions for infrastructure management and CI/CD pipelines.
  • Apply AWS best practices and actively contribute to the security posture of our cloud environment.

Benefits

  • Comprehensive health coverage
  • Equity options
  • Unlimited PTO
  • Wellness account