Staff Information Security Engineer

Join to apply for the Staff Information Security Engineer role at N-Power Medicine, Inc.

1 week ago Be among the first 25 applicants

Join to apply for the Staff Information Security Engineer role at N-Power Medicine, Inc.

About N-Power Medicine
N-Power Medicine aims to establish a new paradigm in drug development by reinventing the ‘how’ and transforming clinical trials through better integration with clinical practice, ensuring broader participation by physicians and patients. We are building an exceptional multi-disciplinary team with diverse expertise spanning healthcare, engineering, technology, and regulatory, sharing our core value of Empowering Community through generosity, curiosity, and humility. We are working with urgency to bring better therapies to patients faster.

Position Overview
N-Power Medicine is hiring a Staff Information Security Engineer reporting to the Senior Manager, Security & Privacy. This position will be responsible for designing, implementing, and optimizing security solutions to protect critical systems and sensitive patient data, ensure compliance with industry regulations, and mitigate cybersecurity risks. The ideal candidate has deep expertise in cloud security, security architecture, risk management, and hands-on experience implementing security technologies within a healthcare environment.

This position is remote within the United States.

Role Objectives And Responsibilities

1. Design, implement, and manage security controls in accordance with HIPAA, HITRUST, ISO 27001, NIST, and other industry-standard security frameworks to protect N-Power systems and sensitive data
2. Conduct periodic threat modeling and security risk assessments to identify and remediate security risks
3. Perform vulnerability scans for N-Power Medicine systems and software and apply patches and upgrades as required
4. Coordinate and oversee the execution of regular third-party penetration testing efforts and lead remediation for identified findings
5. Support N-Power’s security audits through preparation of evidence, participation in interviews with auditors, and remediation of audit findings
6. Lead security incident response efforts, including detection, containment, investigation, root cause analysis, and remediation of security incidents
7. Implement continuous monitoring, threat intelligence, and alerting through implementation and oversight of log aggregation and security information and event management (SIEM) solutions
8. Collaborate with Data & Technology, Quality, and IT teams to integrate security requirements and best practices into in-house developed software products, data platforms, and proof of concept initiatives
9. Integrate security best practices into CI/CD pipelines and conduct secure code reviews
10. Develop and maintain security policies, procedures, and technical documentation
11. Evaluate and recommend security technologies, tools, and practices to continuously enhance the organization’s security posture
12. Assess and monitor the security posture of third-party vendors and partners
13. Provide guidance and training to internal teams to promote a strong security culture
14. Develop and enforce security configurations for firewalls, IDS/IPS, SIEM, and endpoint protection platforms
15. Develop and test strategies to support high availability, business continuity, and disaster recovery of key platforms, tools, and sensitive data

Education, Experience, Behavioral Competencies, & Skills

1. 8+ years experience in Information Security with a focus on healthcare security solutions
2. BS/BA, Computer Science, Cybersecurity, or equivalent relevant experience
3. Relevant certifications such as CISSP, CISM, CISA, CEH, etc. preferred
4. Strong knowledge of HIPAA, HITRUST, ISO 27001, NIST, and other healthcare security regulations
5. Experience configuring and managing security technologies such as SIEM, EDR, firewalls, IDS/IPS, and cloud security tools
6. Strong understanding of cryptographic principles, IAM, and endpoint security
7. Expertise in securing cloud environments (AWS preferred) and in-house developed software applications
8. Hands-on experience with DevSecOps practices and secure SDLC methodologies
9. Strong interpersonal and communication skills with ability to effectively collaborate with cross-functional teams
10. Generous, Curious, and Humble

Travel Requirements

This position is mostly remote; however, ability to travel to Redwood City, CA for periodic meetings may be required.

Pay Information

The expected salary range for this position is $145,000 - $183,000. Actual pay will depend on experience, qualifications, location, and other factors. N-Power Medicine offers equity, a discretionary annual bonus, and company benefits.

More About Us:

We are a mission-driven, well-funded, rapidly growing company offering competitive compensation, benefits, a 401K plan, and other perks.

We are an Equal Opportunity Employer and value diversity. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, gender identity, age, veteran status, disability, or other protected characteristics.

Covid-19 Policy – The Company is committed to safety and health. Currently, there are no mandatory COVID-19 vaccinations for employees; some roles may have specific requirements based on partner mandates. The policy may change at any time.

Applicants must be authorized to work in the U.S. full-time; the company will not sponsor visas.