SIGN IN
Information Security Engineer jobs in United States
cer-icon
Apply on Employer Site
company-logo

Doctronic · 19 hours ago

Information Security Engineer

positionNew York City
timeFull-time
remoteOnsite
senioritySenior Level
money$180K/yr - $240K/yr
date7+ years exp
Doctronic is the first AI legally authorized to practice medicine, processing millions of consultations monthly with high accuracy. They are seeking an Information Security Engineer to maintain and strengthen their security posture, ensuring compliance with HIPAA and SOC 2 Type II as they scale operations.
Artificial Intelligence (AI)Generative AIHealth CareHealth DiagnosticsMachine LearningPersonal Health

Responsibilities

Maintain SOC 2 Type II compliance and manage ongoing audits with external assessors
Implement and monitor HIPAA technical safeguards across our infrastructure and applications
Conduct and coordinate regular penetration testing, vulnerability assessments, and security reviews
Complete vendor security reviews and respond to enterprise security questionnaires from health systems and payers
Implement and enforce security policies across engineering, operations, and business teams
Respond to security incidents with urgency and thoroughness, conducting post-incident analysis
Build security automation and monitoring to scale protection as the company grows
Collaborate with engineering teams to embed security best practices into the development lifecycle
Stay current on emerging threats, vulnerabilities, and regulatory requirements in healthcare technology

Qualification

Information SecuritySOC 2 complianceHIPAA complianceAWS securitySecurity certificationsPenetration testingVulnerability assessmentsSecurity policiesIncident responseCommunication skillsProblem-solvingCollaboration

Required

7+ years of information security experience in production environments
Healthcare or fintech background required—you understand regulated industry security requirements
Hands-on technical ability, not just policy and paperwork—you can read code, configure systems, and investigate incidents
Deep experience with SOC 2, HIPAA, or equivalent compliance frameworks
Familiarity with AWS security controls, IAM, encryption, and cloud security best practices
Strong communicator who can translate security requirements for technical and non-technical audiences
Proactive problem-solver who anticipates risks before they materialize
Collaborative partner who enables teams to move fast while staying secure
Maintain SOC 2 Type II compliance and manage ongoing audits with external assessors
Implement and monitor HIPAA technical safeguards across our infrastructure and applications
Conduct and coordinate regular penetration testing, vulnerability assessments, and security reviews
Complete vendor security reviews and respond to enterprise security questionnaires from health systems and payers
Implement and enforce security policies across engineering, operations, and business teams
Respond to security incidents with urgency and thoroughness, conducting post-incident analysis
Build security automation and monitoring to scale protection as the company grows
Collaborate with engineering teams to embed security best practices into the development lifecycle
Stay current on emerging threats, vulnerabilities, and regulatory requirements in healthcare technology

Preferred

CISSP, CISM, CISA, or equivalent security certification
Experience with health information exchanges, TEFCA, QHIN, or interoperability standards
Startup security experience—building security programs from scratch vs. maintaining established ones
Familiarity with AI/ML security considerations and model protection
Experience with mobile app security (iOS/Android)
Knowledge of medical device security standards or FDA digital health guidance
Background in application security, secure SDLC, or DevSecOps

Benefits

Equity Opportunities
Comprehensive Health Benefits
We offer comprehensive health, dental, and vision coverage—plus mental health support and flexible time off—because caring for others starts with caring for ourselves.

Company

Doctronic

twittertwittertwitter
company-logo
Doctronic is the #1 AI doctor delivering secure, accurate, and instant medical guidance & seamless access to licensed physicians 24/7
dateFounded in 2024
location
New York, New York, USA
people-size51-200 employees
web-link
https://www.doctronic.ai

Funding

Current Stage
Growth Stage
Total Funding
$25M
Key Investors
Lightspeed Venture PartnersUnion Square Ventures
2025-09-15Series A· $20M
2025-04-17Seed· $5M

Leadership Team

leader-logo
Matt Pavelle
Co-founder and co-CEO
linkedin
leader-logo
Byron Crowe
Chief Medical Officer
linkedin

Recent News

STAT
Opinion: STAT+: After FDA’s pivot on clinical AI, we need AI safety research more than ever
2026-01-16
Ars Technica - All content
AI starts autonomously writing prescription refills in Utah
2026-01-09
semafor.com
Utah becomes first US state to test AI prescriptions
2026-01-08
Company data provided by crunchbase