This job has expired
This position was posted on October 7, 2025 and is likely no longer accepting applications. We've kept it here for historical reference.

Job Overview
Location: Remote
Job Type: Full-time
Category: Software Engineering
Date Posted: October 7, 2025
Full Job Description
📋 Description
- Architect and harden the security posture of a cloud-native telehealth platform that serves thousands of pediatric patients and their families every day, ensuring HIPAA, HITRUST, and SOC 2 compliance across AWS, GCP, and multi-region Kubernetes environments.
- Own the end-to-end lifecycle of security controls—from threat modeling and secure-by-design reviews to automated policy-as-code deployment—so that every new feature ships with baked-in protections and zero customer friction.
- Build and maintain continuous security monitoring pipelines using tools such as Falco, Wiz, Prisma Cloud, or equivalent, ingesting petabyte-scale logs from EKS, Lambda, RDS, and third-party SaaS APIs to surface anomalies in near real time.
- Lead purple-team exercises and red-team simulations quarterly, partnering with engineering squads to validate detective controls, refine runbooks, and shorten MTTR for any potential breach to under 15 minutes.
- Drive the evolution of our zero-trust network architecture, implementing workload identity with SPIFFE/SPIRE, mutual TLS everywhere, and context-aware policy enforcement that adapts to patient data sensitivity levels.
- Automate compliance evidence collection and artifact generation so that SOC 2 Type II audits, HITRUST r2 certifications, and customer security questionnaires become one-click affairs instead of multi-week fire drills.
- Mentor a growing security guild of 6–8 engineers and analysts, instituting secure-coding bootcamps, threat-modeling office hours, and a peer-review culture that turns every pull request into a teaching moment.
- Partner with clinical informatics and product teams to translate complex regulatory requirements (HIPAA, 42 CFR Part 2, state minor-privacy statutes) into actionable engineering tasks without slowing release velocity.
- Design and operate secrets-management, key-rotation, and data-tokenization services that protect PHI at rest and in transit, leveraging AWS KMS, HashiCorp Vault, and envelope encryption patterns audited to FIPS 140-2 Level 3.
- Champion a “security as product” mindset, publishing internal SLIs/SLOs for control efficacy, publishing quarterly security scorecards, and presenting to the board on risk-reduction ROI.
- Contribute to open-source security projects (OPA, Kyverno, Trivy) and represent Imagine Pediatrics at pediatric-healthcare security working groups, shaping industry standards while attracting top-tier talent.
- Own incident-response playbooks for cloud-native threats (cryptojacking, container escape, supply-chain compromise), rehearsing them monthly with engineering, SRE, and clinical ops to guarantee 99.99% uptime for critical care workflows.
- Evaluate emerging attack surfaces—AI-driven clinical decision support, remote patient monitoring IoT fleets, FHIR APIs—and design compensating controls before they reach production.
- Establish secure CI/CD guardrails using OPA, Snyk, and Sigstore Cosign, ensuring every container image, Terraform module, and Helm chart is scanned, signed, and attested before promotion to staging or prod.
- Translate complex security findings into executive-ready narratives, quantifying risk in dollars and patient-impact terms that drive informed investment decisions across the company.
🎯 Requirements
- 7+ years securing production-grade cloud environments (AWS required, GCP a plus) with deep expertise in Kubernetes, container security, and infrastructure-as-code (Terraform, CDK, or Pulumi).
- Hands-on experience implementing and auditing compliance frameworks—HIPAA, HITRUST, SOC 2, or FedRAMP—within healthcare or other highly regulated industries.
- Proficiency in at least one modern programming language (Go, Python, or TypeScript) and comfort writing secure, testable automation for policy enforcement and incident response.
- Demonstrated success leading cross-functional security initiatives, mentoring engineers, and influencing product and clinical stakeholders without direct authority.
- Nice-to-have: contributions to open-source security projects, SANS or GIAC certifications (GCSA, GCIH, GCPN), and familiarity with FHIR, HL7, or other healthcare data standards.
🏖️ Benefits
- 100% remote-first culture with quarterly in-person retreats in family-friendly destinations and a generous home-office stipend.
- Premium medical, dental, and vision coverage for you and your dependents—plus free pediatric telehealth visits for your own children.
- 20 days PTO, 10 paid holidays, and a 4-week paid sabbatical after four years to recharge and pursue personal passions.
- Equity in a high-growth Series C company that is redefining pediatric care, with regular 409A updates and early-exercise options.
About Imagine Pediatrics PC
Imagine Pediatrics PC provides comprehensive, technology-enabled pediatric primary and behavioral health care for children with complex medical needs and their families. Services include 24/7 virtual and in-home care, care coordination, chronic disease management, and support for social determinants of health. The company partners with health plans to improve outcomes and reduce avoidable hospitalizations while delivering care tailored to medically complex children.