Information Security Engineer

Where Medicine Meets IntelligenceDoctronic is the first AI legally authorized to practice medicine. We're processing millions of consultations monthly with 99%+ treatment plan accuracy validated by board-certified clinicians.About The RoleWe're looking for an Information Security Engineer to own our security posture. We're HIPAA-compliant and SOC 2 Type II certified—you'll maintain and strengthen that foundation as we scale to serve millions of patients and enterprise partners.This role is critical to our mission. When you're protecting healthcare data, security isn't just best practice—it's a sacred responsibility. You'll combine hands-on technical work with strategic security leadership, ensuring Doctronic remains the most trusted AI diagnostic platform in healthcare.What You'll DoMaintain SOC 2 Type II compliance and manage ongoing audits with external assessorsImplement and monitor HIPAA technical safeguards across our infrastructure and applicationsConduct and coordinate regular penetration testing, vulnerability assessments, and security reviewsComplete vendor security reviews and respond to enterprise security questionnaires from health systems and payersImplement and enforce security policies across engineering, operations, and business teamsRespond to security incidents with urgency and thoroughness, conducting post-incident analysisBuild security automation and monitoring to scale protection as the company growsCollaborate with engineering teams to embed security best practices into the development lifecycleStay current on emerging threats, vulnerabilities, and regulatory requirements in healthcare technologyWho You Are7+ years of information security experience in production environmentsHealthcare or fintech background required—you understand regulated industry security requirementsHands-on technical ability, not just policy and paperwork—you can read code, configure systems, and investigate incidentsDeep experience with SOC 2, HIPAA, or equivalent compliance frameworksFamiliarity with AWS security controls, IAM, encryption, and cloud security best practicesStrong communicator who can translate security requirements for technical and non-technical audiencesProactive problem-solver who anticipates risks before they materializeCollaborative partner who enables teams to move fast while staying secureNice to HaveCISSP, CISM, CISA, or equivalent security certificationExperience with health information exchanges, TEFCA, QHIN, or interoperability standardsStartup security experience—building security programs from scratch vs. maintaining established onesFamiliarity with AI/ML security considerations and model protectionExperience with mobile app security (iOS/Android)Knowledge of medical device security standards or FDA digital health guidanceBackground in application security, secure SDLC, or DevSecOpsCompensation & BenefitsBase Salary: $180K-$240K + EquityNew York City | On-siteJoin our NYC team and work directly with engineering and product teams to build security into everything we do.Equity OpportunitiesShare in Doctronic's growth as we transform healthcare with AI.Comprehensive Health BenefitsWe offer comprehensive health, dental, and vision coverage—plus mental health support and flexible time off—because caring for others starts with caring for ourselves.Building AI That MattersJoin Doctronic and work with cutting-edge AI that's transforming healthcare and helping people make faster, smarter decisions.Reports ToDirector of EngineeringCompensation Range: $180K - $240K