Curebase is the leading software platform for designing and executing "decentralized" clinical trials. We let any patient, anywhere in the world, contribute to critical medical research. We are reinventing a highly traditional $45B market, enabling drug and device companies to increase the volume, quality and speed of data collection from patients regardless of location. COVID-19 tailwinds have created massive demand for telemedicine and home-based trials, with 2 new FDA guidance letters and a major, positive industry mindset shift that will only accelerate this year.
About the Position
Maintaining the security and privacy of our users is paramount to Curebase's mission. As a Security Engineer you will have organization-wide visibility to continuously support and monitor our commitment to privacy, security, and compliance.
This is a unique opportunity to use your engineering and security skills to make a direct impact in people's lives. We need a security engineer who can pick up and understand complex technical areas quickly, mitigate risk by increasing automation in security domains, and work with other engineers to securely release and maintain software, infrastructure, and an information security management system, while always working to increase our security and compliance posture.
- Analyze security systems and seek improvements on a continuous basis.
- Report on and research solutions to possible threats or software issues.
- Work with our engineering teams to remediate vulnerabilities in our systems according to our SLAs.
- Work directly with our clients in answering their security questions via our Vendor Security Questionnaire (VSQ) process.
- Develop cost-effective solutions to cybersecurity problems.
- Implement and lead on best practices and security standards for the organization.
- Routinely test and audit company software and network configurations.
- Contribute to engineering a secure application platform.
- Partner with Quality and Compliance to raise our security posture through the implementation of controls set by our compliance objectives.
- You are a passionate and confident leader that takes pride and ownership in the work you do.
- You understand software, hardware and infrastructure needs while adjusting them according to our business environment
- You have an understanding of best practices and how to implement them at a business-wide level
- You have experience implementing controls for information security compliance programs including HIPAA, SOC2, and GDPR
- You have experience managing IDS/IPS/FIM/Vuln scanning
- You are able to assess, prioritize, and execute on projects independently.
- You are comfortable working in a fast-paced environment
- You have excellent written and verbal communication skills. You remain calm under pressure.
- 2+ years of experience in the cybersecurity industry
- AWS cloud hosting
- Github: CI/CD
- Data: PostgreSQL, Redis
- Monitoring: Sentry
- IaC: Terraform
Bonus points if you have experience in:
- Working at a high growth startup
- Working on SaaS software
- Working in Health Tech
- 100% coverage for Medical / Dental / Vision
- 401k plan
- Flexible PTO
- Passionate team dedicated to making a positive impact
- Unlimited career growth opportunity