IT Security Engineer

Bioscope.ai is a healthcare technology company at the forefront of AI in precision medicine. Our HIPAA-compliant SaaS platform empowers healthcare providers with advanced precision omics analysis tools, enabling personalized patient care backed by cutting-edge science. We're building the future of healthcare data AI, and we need a skilled IT and Security Engineer to help us scale securely.

We're looking for a versatile IT Security Engineer to join our growing team. In this role, you'll wear multiple hats—providing day-to-day IT support to our team while also taking ownership of our security posture across our platform and CI/CD pipeline. This is a unique opportunity to build security practices from the ground up at a healthcare startup where your work directly impacts patient outcomes.

What You'll Do

IT Support & Infrastructure

• Manage and support corporate IT infrastructure including endpoint devices, networking, and productivity tools (Google Workspace, Slack, etc.)

• Provide technical support to team members, troubleshooting hardware and software issues

• Administer identity and access management (IAM) systems, including user provisioning and access reviews

• Manage and maintain MDM solutions and our Rippling platform for device security, compliance, and IT automation

• Document IT processes, procedures, and maintain an internal knowledge base

Security Engineering

• Design, implement, and maintain security controls across our cloud infrastructure and SaaS platform

• Integrate security tooling into our CI/CD pipeline, including SAST, DAST, dependency scanning, and container security

• Conduct security assessments, vulnerability scans, and coordinate remediation efforts with engineering teams

• Manage and monitor endpoint detection and response (EDR) using SentinelOne, investigating and responding to security alerts and threats

• Develop and enforce security policies, standards, and best practices

• Support HIPAA compliance efforts, including security risk assessments, audit preparation, and maintaining security documentation

DevSecOps & Automation

• Build and maintain infrastructure-as-code (IaC) with security best practices baked in

• Automate security testing and compliance checks within the development workflow

• Implement secrets management and secure configuration practices

• Champion security awareness across the engineering team through training and code reviews

What We're Looking For

Required

• 3+ years of experience in IT support, systems administration, or security engineering

• Hands-on experience with cloud platforms (AWS, GCP, or Azure) and their security services

• Familiarity with CI/CD tools (GitHub Actions, GitLab CI, Jenkins, or similar) and integrating security into pipelines

• Understanding of common security frameworks and standards (SOC 2, NIST, CIS Benchmarks)

• Experience with vulnerability management, SIEM tools, and security monitoring

• Vibe coding expertise for automation

• Excellent communication skills and ability to work across teams

Nice to Have

• Experience in a healthcare environment with HIPAA compliance requirements

• Experience with Rippling for IT management and automation

• Experience with SentinelOne or similar EDR platforms

• Background in penetration testing or application security

• Familiarity with healthcare data standards (HL7, FHIR)