Listing Description

Security Engineer

Imagen enables Primary Care providers to become technology-enabled multispecialty practices, powering a successful transition from fee-for-service to value-based care. Imagen’s comprehensive platform includes in-office diagnostic testing, diagnostic interpretations powered by proprietary FDA-cleared machine learning software, and virtual specialist consults. Imagen’s platform empowers Primary Care providers to achieve healthcare’s quadruple aim of increasing quality, lowering costs, and improving the patient and provider experience. 

Imagen’s team includes over 100 clinical, technical and business personnel. Imagen’s software has received first-of-its-kind FDA clearances, and its research has been published in leading peer-reviewed journals. Imagen has raised $135 million in capital from investors such as Google Ventures, Casdin Capital, and Threshold Ventures. Imagen was founded in 2015 and is based in New York City.

We're looking for a Security Engineer to be an integral member of our Security Team. In this high-impact role, you will be responsible for maintaining patient safety through managing our security tools, improving the security of our medical devices and cloud infrastructure, and helping us reach our security compliance goals. This role will also have responsibilities in endpoint security, cloud security, Incident Response, and vulnerability assessment. This is a hands-on role, and our ideal candidate will maintain high standards, is passionate about delivery of care to patients, and wants to play an impactful role in the development of our innovative medical devices. This is an excellent opportunity for someone eager to learn and grow. 

As the Security Engineer, you will:

• You'll be a technical leader within Imagen, driving and facilitating critical thinking on ways to improve our cloud security configurations 


• You'll drive DevSecOps best practices, and help our teams operationalize security as part of our product delivery process


• You'll engage with customer and partner teams to understand our APIs and how to better secure them


• You’ll own our security tools in AWS, such as SecurityHub, and proactively identify tools to improve Imagen’s security posture


• You'll promote sound security practices, such as maintaining the security of Imagen’s financial applications through ISO 27001 standards and NIST frameworks 


• You'll initiate, influence, and interact with key stakeholders to improve and maintain the security of Imagen’s medical device 

Requirements:

• You are passionate about cybersecurity


• You possess expertise in understanding and testing APIs


• You have experience working with AWS 


• You know how to use Infrastructure as Code (e.g., Terraform, Ansible) to fix security gaps


• You enjoy working with CVEs and remediating security vulnerabilities

Nice-to-haves:

• Background in a healthcare-related or other regulated field


• Compliance experience (e.g., HIPAA, HITRUST, SOC2, or PCI) 


• Proficiency in a programming/scripting language (Python, Ruby, etc)


• Experience with offensive security processes like port scanning, vulnerability scanning, enumeration, and exploitation

Imagen Technologies maintains a Substance Abuse and Testing policy. Being under the influence of alcohol or controlled substances while on the job or while conducting business on Imagen’s behalf is prohibited. Any offer of employment will be made contingent upon successful completion of a drug test, subject to compliance with all applicable federal, state, and local laws.

Imagen is committed to the principle of equal employment opportunity for all employees and applicants for employment and prohibits discrimination and harassment of any kind without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.  Imagen will not tolerate discrimination or harassment based on any of these characteristics. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.