Senior Security Engineer

Sirona Medical

Sirona Medical

Software Engineering
San Francisco, CA, USA
Posted on Jan 22, 2024
At Sirona Medical we’re building tools for physicians to work as fast as they can think. Many billions of patient images are acquired each year in the U.S., and nearly all of them are reviewed and diagnosed by a radiologist. In fact, 80% of healthcare data flows through radiology IT systems, and radiologists are among healthcare’s most tech-savvy and influential physicians. But they desperately need better, user-friendly software that cuts clicks and optimizes diagnostic time. Sirona is building a modern cloud-native and AI-powered operating system (“RadOS”) that unifies radiology IT onto a single, streamlined workspace. We’re a San Francisco, CA-based software company (with employees working from all over the world) founded on a deep understanding of both the practice and business of radiology.
For more information, please visit https://sironamedical.com/join/.

As a Senior Security Engineer, you will be instrumental in safeguarding our cloud-native product, ensuring it meets the highest standards of security and compliance. You'll work closely with cross-functional teams to embed security practices into the product development lifecycle, mitigate potential risks, and establish robust security measures. Initially this role will be responsible for all things Security, but will eventually split into two roles, one covering Product Security, and one covering Security Operations.

Key Responsibilities:

  • Develop and implement security strategies, protocols, and best practices specific to our cloud-native product used in the healthcare sector.
  • Lead Sirona’s Product Security efforts by conducting threat modeling, security assessments, penetration testing, and vulnerability management
  • Collaborate with software development teams to integrate security controls and tools into the product development process, ensuring a secure-by-design approach
  • Select and deploy security technologies that lay the foundation of Sirona’s Information Security Programs
  • Run point on incident response by investigating potential security breaches, conducting IR drills/exercises, and implementing changes to improve the IR program
  • Educate and train your fellow employees on security best practices, current threats, and methodologies.
  • Stay updated with industry trends, evolving threats, and regulatory requirements in healthcare to ensure compliance and adherence to standards like HIPAA.
  • Monitor the effectiveness of existing security measures and make recommendations to improve any areas that need it

Key Qualifications:

  • Minimum 6-10yrs of experience in product security engineering, preferably within cloud-native environments.
  • Proficiency in conducting security assessments, penetration testing, and risk analysis.
  • Strong understanding of cloud security principles, including experience with AWS (/Azure/GCP a plus).
  • Experience working in healthcare-related technology or familiarity with HIPAA regulations is highly desirable.
  • Solid grasp of secure coding practices and familiarity with programming languages such as Python, Java, or JavaScript.
  • Professional certifications such as CISSP, CEH, or relevant security certifications are a plus.
  • Excellent communication skills with the ability to convey complex security concepts to non-technical stakeholders.

Why Join Us:

  • Be at the forefront of revolutionizing healthcare with cutting-edge technology.
  • Work in a collaborative and innovative environment, making a real impact on patient care.
  • Competitive compensation package, including benefits and opportunities for professional growth and development.

Join us in shaping the future of healthcare technology and ensuring the security and integrity of our groundbreaking product.

Benefits:

  • Stock Options
  • Unlimited PTO
  • Medical, dental, vision insurance
  • Life insurance
  • Maternity and Paternity Leave
  • 401K matching
  • Apple equipment
  • Sponsorship for conferences, continuing education, etc
  • Dynamic engineering role–technological innovation is at the core of our business
  • Growth and learning opportunities from a startup environment include working closely with an international team of scientists, engineers, platform architects, programmers and professionals
  • Do something morally benevolent!

The annual US base salary range for this full-time position is $165,000 - $185,000 + equity + benefits. Pay scale is flexible depending on experience. Within the range, individual pay is determined by work location and additional factors, including job-related skills, competencies, experience, relevant education and training. Your recruiter can share more about the specific salary range for your preferred location during the hiring process.