- Company Name
- Medeloop
- Job Title
- Senior Security Engineer
- Job Description
Job title: Senior Security Engineer
Role Summary: Lead the design, implementation, and maintenance of secure AWS‑based infrastructure and application environments, driving the security roadmap, threat modeling, and compliance for a regulated health‑tech platform.
Expectations: 6+ years of security engineering experience, deep expertise in AWS security services, infrastructure‑as‑code, CI/CD security, and compliance frameworks (SOC2, HIPAA, FedRAMP). Strong communication skills to translate technical risks into business‑level decisions; passion for safeguarding health‑data privacy and advancing secure technology solutions.
Key Responsibilities:
- Define and execute the security engineering roadmap across infrastructure, applications, and operations.
- Own secure AWS environments (IAM, VPCs, encryption, access policies) and ensure they meet regulatory standards.
- Conduct threat modeling, risk assessments, and security reviews of products and systems.
- Develop and automate infrastructure security controls, vulnerability scanning, secrets detection, and container security.
- Collaborate with DevOps to secure CI/CD pipelines, container runtimes, and deployment processes.
- Enforce secure coding practices, perform code reviews with security emphasis, and integrate SAST/DAST tools.
- Support SOC2, HIPAA, and FedRAMP compliance: define policies, documentation, and incident response plans.
- Evaluate, implement, and manage security tools, services, and vendors to strengthen overall posture.
- Stay abreast of emerging threats, technologies, and best practices, applying proactive measures.
Required Skills:
- Security engineering expertise in cloud‑native environments, especially AWS (IAM, KMS, GuardDuty, CloudTrail, WAF, Security Hub).
- Infrastructure‑as‑Code security with CDK, Terraform, or CloudFormation.
- Secure CI/CD pipeline design, container security, network security, encryption, IAM.
- Vulnerability management, SAST/DAST tools, incident response.
- Knowledge of compliance frameworks: SOC2, HIPAA, FedRAMP.
- Strong analytical, problem‑solving, and communication abilities.
Required Education & Certifications:
- Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience).
- Relevant certifications preferred: CISSP, CISM, AWS Certified Security – Specialty, or similar.