Information Security Engineer

INFORMATION SECURITY ENGINEER

WHERE MEDICINE MEETS INTELLIGENCE

Doctronic is the first AI legally authorized to practice medicine. We're processing millions of consultations monthly with 99%+ treatment plan accuracy validated by board-certified clinicians.

ABOUT THE ROLE

We're looking for an Information Security Engineer to own our security posture. We're HIPAA-compliant and SOC 2 Type II certified—you'll maintain and strengthen that foundation as we scale to serve millions of patients and enterprise partners.

This role is critical to our mission. When you're protecting healthcare data, security isn't just best practice—it's a sacred responsibility. You'll combine hands-on technical work with strategic security leadership, ensuring Doctronic remains the most trusted AI diagnostic platform in healthcare.

WHAT YOU'LL DO

- Maintain SOC 2 Type II compliance and manage ongoing audits with external assessors

- Implement and monitor HIPAA technical safeguards across our infrastructure and applications

- Conduct and coordinate regular penetration testing, vulnerability assessments, and security reviews

- Complete vendor security reviews and respond to enterprise security questionnaires from health systems and payers

- Implement and enforce security policies across engineering, operations, and business teams

- Respond to security incidents with urgency and thoroughness, conducting post-incident analysis

- Build security automation and monitoring to scale protection as the company grows

- Collaborate with engineering teams to embed security best practices into the development lifecycle

- Stay current on emerging threats, vulnerabilities, and regulatory requirements in healthcare technology

WHO YOU ARE

- 7+ years of information security experience in production environments

- Healthcare or fintech background required—you understand regulated industry security requirements

- Hands-on technical ability, not just policy and paperwork—you can...