Sydicom insightsSydicom overview

A remote Security role at Doctronic. 7+ years of information security experience in production environments

Keywords this role’s ATS scans for

Sydicom tailors your CV and cover letter to match these.

AWS

Level

Mid-level

Work

Remote

Focus

Security

Pay

$180k-$240k/yr

How Sydicom helps: we read this listing’s requirements and tune your CV and cover letter to the keywords its ATS (Ashby) is scanning for, wherever you are, then help you apply.

Related roles

Original listing text, shown exactly as published by the company.

About the Role

We're looking for an Information Security Engineer to own our security posture. We're HIPAA-compliant and SOC 2 Type II certified—you'll maintain and strengthen that foundation as we scale to serve millions of patients and enterprise partners.

This role is critical to our mission. When you're protecting healthcare data, security isn't just best practice—it's a sacred responsibility. You'll combine hands-on technical work with strategic security leadership, ensuring Doctronic remains the most trusted AI diagnostic platform in healthcare.

What You'll Do

Maintain SOC 2 Type II compliance and manage ongoing audits with external assessors
Implement and monitor HIPAA technical safeguards across our infrastructure and applications
Conduct and coordinate regular penetration testing, vulnerability assessments, and security reviews
Complete vendor security reviews and respond to enterprise security questionnaires from health systems and payers
Implement and enforce security policies across engineering, operations, and business teams
Respond to security incidents with urgency and thoroughness, conducting post-incident analysis
Build security automation and monitoring to scale protection as the company grows
Collaborate with engineering teams to embed security best practices into the development lifecycle
Stay current on emerging threats, vulnerabilities, and regulatory requirements in healthcare technology

Who You Are

7+ years of information security experience in production environments
Healthcare or fintech background required—you understand regulated industry security requirements
Hands-on technical ability, not just policy and paperwork—you can read code, configure systems, and investigate incidents
Deep experience with SOC 2, HIPAA, or equivalent compliance frameworks
Familiarity with AWS security controls, IAM, encryption, and cloud security best practices
Strong communicator who can translate security requirements for technical and non-technical audiences
Proactive problem-solver who anticipates risks before they materialize
Collaborative partner who enables teams to move fast while staying secure

Nice to Have

CISSP, CISM, CISA, or equivalent security certification
Experience with health information exchanges, TEFCA, QHIN, or interoperability standards
Startup security experience—building security programs from scratch vs. maintaining established ones
Familiarity with AI/ML security considerations and model protection
Experience with mobile app security (iOS/Android)
Knowledge of medical device security standards or FDA digital health guidance
Background in application security, secure SDLC, or DevSecOps

About Doctronic

Doctronic

Security

9 open roles on Sydicom

Websitewww.doctronic.de

Seit 25 Jahren entwickeln wir maßgeschneiderte Software, effiziente Digitalisierungsstrategien und konzipieren benutzerfreundlicher Publishing-Plattformen.

Source: company website

Open source

github.com/doctronic· 8 public repos· 1 star· Clojure