Software Security Engineer / Privacy
Software Security Engineer / Privacy
Location: remote - ideally able to work close to U.S. business hours.
Start date: ASAP
Segmed’s mission is to bring higher quality healthcare to millions of more patients around the world. We are doing this by turning the medical research process on its head and providing real-world, anonymous medical data for development at the click of a button. We are a fast-growing startup in a quickly evolving field and we came out of Stanford and YCombinator. We're a 100% remote and distributed team.
We’re looking for an experienced senior Security, Privacy, Safety Engineer who wants to work on developing and maintaining our data integrity and security. Primary responsibilities are designing, specifying, and building software for ensuring the security of our medical data. This includes developing and maintaining our data ingestion pipeline and de-identification technologies. It’s an interdisciplinary position well geared for software engineers with strong security and privacy focus. Our systems must be easy for our data partners to use and must ensure the integrity of the data that we process. Your job will be to ensure we meet this goal and to help us ensure that the de-identification technologies and deployments meet the strictest security standards. You’ll assist in preparing and stress-testing the technology in preparation for HIPAA / GDPR / SOC2 / ISO / HITRUST certifications. In this role, you must also exhibit a customer-centric mindset, and continually verify that the data which we provide stays consistently matched with our customer web portal. This position is an opportunity to make a huge impact on the implementation and scalability of our cloud platform and influence how we serve customers and data partners and make a difference in the world. This role, if executed to perfection, gives you the opportunity to be promoted to Chief Information Security Officer. You will report directly to the CTO.
Essential Duties and Responsibilities:
People skills - you must be a team player and get to know the wider Segmed team
Design and architect complete de-identification solutions for Segmed data pipeline
Design and architect state-of-the-art security guidelines (HIPPA/GDPR compliant) for our cloud infrastructure (AWS/Terraform), data storage, and code (Golang)
Study of offensive security techniques and suggesting ways to make our technology resistant to them
Write clean Golang/Python/SQL code that is documented, tested, and easy to maintain
Analyze, benchmark and stress-test our backend to ensure 24/7 stability
Work closely with our product team to ensure the usability and security of our pipeline
Other ad hoc responsibilities to support the company’s objectives, as required in this fast-paced startup
Travel at Segmed’s expense for fun company-wide team offsites once the pandemic is over!
A minimum of a BS degree in computer science, software engineering, or related scientific discipline, coupled with 5 years of software/data engineering experience.
4 yrs+ of experience in Golang / Postgres / AWS
2 yrs+ of experience in a data security/privacy role
2 yrs+ of experience in the full software lifecycle (design, maintenance, refactoring, testing)
2 yrs+ of experience in the CI/CD methodology
Self-motivated and able to work efficiently in a remote environment (Slack, JIRA, GitLab)
Superior attention to detail and excellent communicator, both interpersonal and written
Well organized and able to juggle many projects at once
Understand healthcare ecosystems and medical and research partnerships
Knowledge of radiologic imaging modalities, understanding technical imaging requirements (such as CT and MRI acquisition protocols)
Healthcare industry knowledge/experience
CISSP, CISM, HCISPP
Transparency: We tell it like it is, good or bad
Social Good: People first
Learning Mentality: We acknowledge what we don’t know and find out
Integrity: Do the right thing even if no one’s watching
The Segmed team is international. We have team members from a huge variety of backgrounds and lifestyles. We consider equal opportunities essential. We do not discriminate based upon race, religion, color, national origin, sex, sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.