Security Architect jobs in United States

Penguin Ai · 1 day ago

Security Architect

Penguin Ai is an innovative company focused on healthcare AI solutions, seeking a highly technical and hands-on Security Architect. This role involves leading security engineering and compliance initiatives, with a significant emphasis on security assessments, cloud security, and incident response management.

Artificial Intelligence (AI), Health Care, Medical

Responsibilities

Regularly raid our own infrastructure and applications with security assessments and penetration tests
Implement and maintain iron-clad security controls for our cloud infrastructure and all our endpoints
Design, build, and maintain our DevSecOps pipelines and tooling, making security an effortless part of our development flow
Perform security code reviews and squash vulnerabilities in production code (React, Python, FastAPI) like a bug-busting superhero
Implement robust security guardrails for our cutting-edge LLM-based agentic workflows and AI systems
Own and meticulously maintain our SOC2 Type 2, ISO 27001, and HIPAA compliance programs
Conquer those daunting Security Due Diligence Questionnaires (DDQs) from our Healthcare Enterprise customers with precision and expertise
Coordinate seamlessly across our engineering, product, and operations teams to weave security controls into every fibre of our platform
Manage relationships with security vendors and external auditors, ensuring we always have the best allies
Review and fix security vulnerabilities in code written by other developers, turning potential threats into learning opportunities
Train development teams on OWASP Top 10 and secure coding practices
Conduct engaging security training sessions to level up everyone's game
Embed security best practices into every stage of the development lifecycle
Own our incident response processes from start to finish
Dive deep to conduct thorough root cause analyses for security incidents
Manage customer communications during security events with transparency and policy adherence
Implement measures to prevent future incidents based on lessons learned
Report directly to the Head of Engineering (Co-founders) on risk assessments and our overall security posture
Provide oversight and spearhead external compliance audits
Deliver weekly security updates to management, keeping everyone informed
Review and update security policies and procedures

Qualification

Cloud Security (AWS), Penetration Testing, DevSecOps Implementation, SOC2/ISO 27001 Compliance, Python Proficiency, React Experience, AI Security Knowledge, Security Frameworks Knowledge, Cross-Functional Communication, Security Training Skills, Self-Starter Mentality

Required

6+ years of hands-on information security experience
Deep expertise in cloud security, specifically AWS
Strong proficiency in Python and the ability to write and review secure code
Experience with React, FastAPI, Docker, Kubernetes, GitHub, and Ubuntu
A proven track record of conducting penetration tests and vulnerability assessments
Hands-on DevSecOps implementation experience
Direct experience implementing and maintaining SOC2 Type 2 and ISO 27001 programs
HIPAA compliance experience in healthcare or other regulated environments
Experience responding to complex customer security questionnaires and RFPs
Working knowledge of key security frameworks (NIST, CIS, etc.)
A solid understanding of Large Language Model (LLM) security risks and guardrails
Experience securing AI/ML pipelines and agentic systems
Familiarity with AI safety and responsible AI practices
Excellent communication skills for seamless cross-functional collaboration
Comfortable working with globally distributed teams, especially in India
A self-starter mentality with strong ownership
Ability to translate complex security concepts into understandable, engaging language for non-technical stakeholders
A Bachelor's degree in Computer Science, Engineering, Data Science, or a related field

Preferred

Have battled (and won!) in a startup or high-growth environment
Hold relevant security certifications (CISSP, CEH, OSCP, GIAC, etc.)
Have prior experience in healthcare technology or regulated industries
Have experience managing distributed security teams
Possess a background in both offensive and defensive security

Benefits

Medical, vision, and dental coverage: Keep you healthy and smiling!
Generous vacation policy and company holidays: Recharge and conquer!

Company

Penguin Ai

Penguin AI uses AI to analyze health records and support care decisions, improving patient outcomes.

Funding

Current Stage: Early Stage
Total Funding: $25M
Key Investors: Greycroft
2025-09-11: Series A · $25M
2024-01-04: Convertible Note
Company data provided by crunchbase