Job Overview
Location
London, UK
Job Type
Full-time
Category
Security Engineer
Date Posted
March 18, 2026
Full Job Description
đź“‹ Description
- • As the first dedicated Detection & Response Security Engineer at Doxy.me, you will build and own the company’s detection engineering function from the ground up, directly protecting healthcare providers and patients by securing a HIPAA-compliant telehealth platform used by over one million providers across 180+ countries.
- • You will apply software engineering principles to security operations—writing detection-as-code, automating response workflows, and reducing manual toil—ensuring scalable, precise, and maintainable threat detection across Doxy.me’s cloud-native infrastructure.
- • Day to day, you will research emerging threats, write and tune detection rules using Python and/or TypeSQL, deploy them via CI/CD pipelines, and maintain telemetry pipelines that ingest application, infrastructure, and identity data for comprehensive visibility.
- • You will investigate and respond to security events, including triage, containment, remediation, and post-incident analysis, while building automated playbooks that integrate with AWS, identity systems, and cloud services to accelerate response times.
- • You will collaborate closely with product and engineering teams to embed threat modeling early in the development lifecycle, identifying detection opportunities during design and contributing to secure-by-default architecture.
- • You will help define and evolve security monitoring standards, operational playbooks, and response procedures, shaping the maturity of Doxy.me’s InfoSec function as it scales.
- • Working within a small, high-impact Information Security team led by a CISO, you will partner with engineers focused on product security, GRC, and corporate security, enjoying significant autonomy and influence over tooling, strategy, and culture.
- • This role offers the opportunity to grow as a security engineer by mastering detection engineering, threat hunting, and cloud security in a mission-driven environment where your work directly safeguards sensitive patient data and enables global healthcare access.
🎯 Requirements
- • Experience writing and shipping detection rules using a detection-as-code approach
- • Strong programming skills in Python and/or TypeScript, with comfort using SQL for querying security data
- • Experience with AWS and cloud-native infrastructure
- • Familiarity with observability and monitoring platforms like Datadog
- • Understanding of attacker techniques and frameworks such as MITRE ATT&CK
- • Experience with CI/CD pipelines and software engineering workflows
🏖️ Benefits
- • A fun, flexible work environment with the option to work remotely or from regional hubs
- • Competitive salary and 401k match
- • Medical, Vision, and Dental insurance
- • Paid trainings and certifications
- • Unlimited PTO
- • Advancement opportunities in a growing, mission-driven company
Skills & Technologies
About Doxy.me LLC
Doxy.me LLC provides a HIPAA-compliant telemedicine platform that enables healthcare providers to conduct secure video consultations with patients. The cloud-based service offers encrypted real-time audio-video, text chat, file sharing, and e-signature without requiring downloads or accounts for patients. Features include virtual waiting rooms, scheduling integrations, patient queue management, and usage analytics. Designed for solo practices to large health systems, it supports Chrome, Firefox, Safari, and mobile browsers, ensuring accessibility across devices while maintaining strict privacy and security standards for telehealth delivery.
Subscribe to the weekly newsletter for similar remote roles and curated hiring updates.
Newsletter
Weekly remote jobs and featured talent.
No spam. Only curated remote roles and product updates. You can unsubscribe anytime.
