Doctronic is the first AI legally authorized to practice medicine. We're processing millions of consultations monthly with 99%+ treatment plan accuracy validated by board-certified clinicians.
We're looking for an Information Security Engineer to own our security posture. We're HIPAA-compliant and SOC 2 Type II certified—you'll maintain and strengthen that foundation as we scale to serve millions of patients and enterprise partners.
This role is critical to our mission. When you're protecting healthcare data, security isn't just best practice—it's a sacred responsibility. You'll combine hands-on technical work with strategic security leadership, ensuring Doctronic remains the most trusted AI diagnostic platform in healthcare.
Maintain SOC 2 Type II compliance and manage ongoing audits with external assessors
Implement and monitor HIPAA technical safeguards across our infrastructure and applications
Conduct and coordinate regular penetration testing, vulnerability assessments, and security reviews
Complete vendor security reviews and respond to enterprise security questionnaires from health systems and payers
Implement and enforce security policies across engineering, operations, and business teams
Respond to security incidents with urgency and thoroughness, conducting post-incident analysis
Build security automation and monitoring to scale protection as the company grows
Collaborate with engineering teams to embed security best practices into the development lifecycle
Stay current on emerging threats, vulnerabilities, and regulatory requirements in healthcare technology
7+ years of information security experience in production environments
Healthcare or fintech background required—you understand regulated industry security requirements
Hands-on technical ability, not just policy and paperwork—you can read code, configure systems, and investigate incidents
Deep experience with SOC 2, HIPAA, or equivalent compliance frameworks
Familiarity with AWS security controls, IAM, encryption, and cloud security best practices
Strong communicator who can translate security requirements for technical and non-technical audiences
Proactive problem-solver who anticipates risks before they materialize
Collaborative partner who enables teams to move fast while staying secure
CISSP, CISM, CISA, or equivalent security certification
Experience with health information exchanges, TEFCA, QHIN, or interoperability standards
Startup security experience—building security programs from scratch vs. maintaining established ones
Familiarity with AI/ML security considerations and model protection
Experience with mobile app security (iOS/Android)
Knowledge of medical device security standards or FDA digital health guidance
Background in application security, secure SDLC, or DevSecOps
Base Salary: $180K-$240K + Equity
New York City | On-site
Join our NYC team and work directly with engineering and product teams to build security into everything we do.
Equity Opportunities
Share in Doctronic's growth as we transform healthcare with AI.
Comprehensive Health Benefits
We offer comprehensive health, dental, and vision coverage—plus mental health support and flexible time off—because caring for others starts with caring for ourselves.
Building AI That Matters
Join Doctronic and work with cutting-edge AI that's transforming healthcare and helping people make faster, smarter decisions.