Senior Security Engineer
As a Senior Security Engineer, you will be instrumental in safeguarding our cloud-native product, ensuring it meets the highest standards of security and compliance. You'll work closely with cross-functional teams to embed security practices into the product development lifecycle, mitigate potential risks, and establish robust security measures. Initially this role will be responsible for all things Security, but will eventually split into two roles, one covering Product Security, and one covering Security Operations.
- Develop and implement security strategies, protocols, and best practices specific to our cloud-native product used in the healthcare sector.
- Lead Sirona’s Product Security efforts by conducting threat modeling, security assessments, penetration testing, and vulnerability management
- Collaborate with software development teams to integrate security controls and tools into the product development process, ensuring a secure-by-design approach
- Select and deploy security technologies that lay the foundation of Sirona’s Information Security Programs
- Run point on incident response by investigating potential security breaches, conducting IR drills/exercises, and implementing changes to improve the IR program
- Educate and train your fellow employees on security best practices, current threats, and methodologies.
- Stay updated with industry trends, evolving threats, and regulatory requirements in healthcare to ensure compliance and adherence to standards like HIPAA.
- Monitor the effectiveness of existing security measures and make recommendations to improve any areas that need it
- Minimum 6-10yrs of experience in product security engineering, preferably within cloud-native environments.
- Proficiency in conducting security assessments, penetration testing, and risk analysis.
- Strong understanding of cloud security principles, including experience with AWS (/Azure/GCP a plus).
- Experience working in healthcare-related technology or familiarity with HIPAA regulations is highly desirable.
- Professional certifications such as CISSP, CEH, or relevant security certifications are a plus.
- Excellent communication skills with the ability to convey complex security concepts to non-technical stakeholders.
Why Join Us:
- Be at the forefront of revolutionizing healthcare with cutting-edge technology.
- Work in a collaborative and innovative environment, making a real impact on patient care.
- Competitive compensation package, including benefits and opportunities for professional growth and development.
Join us in shaping the future of healthcare technology and ensuring the security and integrity of our groundbreaking product.
- Stock Options
- Unlimited PTO
- Medical, dental, vision insurance
- Life insurance
- Maternity and Paternity Leave
- 401K matching
- Apple equipment
- Sponsorship for conferences, continuing education, etc
- Dynamic engineering role–technological innovation is at the core of our business
- Growth and learning opportunities from a startup environment include working closely with an international team of scientists, engineers, platform architects, programmers and professionals
- Do something morally benevolent!
The annual US base salary range for this full-time position is $165,000 - $185,000 + equity + benefits. Pay scale is flexible depending on experience. Within the range, individual pay is determined by work location and additional factors, including job-related skills, competencies, experience, relevant education and training. Your recruiter can share more about the specific salary range for your preferred location during the hiring process.