RemoteFull time

Security Engineer

AWS serverless environment

CDK and TypeScript infrastructure as code

Security across AWS, SDLC and endpoints

SOC, HIPAA and HITRUST compliance focus

Core Platform Team role

Join the Platform Team as a Security Engineer, strengthening AWS serverless infrastructure, secure development practices, endpoint security, and compliance across SOC, HIPAA, and HITRUST in a remote permanent role.

Overview

This organisation is building a new healthcare clearinghouse in a market long dominated by legacy technology. Its platform combines modern API interfaces with traditional real-time and batch EDI processes to support mission-critical healthcare transactions.

The Platform Team sits at the core of the infrastructure and is responsible for:

  • The AWS infrastructure used by engineering teams
  • Management of the GitHub organisation and IT operations
  • Supporting compliance efforts across industry standards including SOC, HIPAA, and HITRUST

As a Security Engineer, you will help shape AWS infrastructure, the software development lifecycle, and endpoint security so engineering teams can build secure, compliant applications.

How You'll Be Working

  • AWS is used exclusively for backend infrastructure that processes customer data
  • Serverless technologies are used almost exclusively, including Lambda, API Gateway, SQS, SNS, DynamoDB, and Aurora Serverless
  • Infrastructure is defined as code using CDK in TypeScript
  • There is a strong preference for AWS-native products over third-party solutions

What You'll Be Doing

  • Develop playbooks and address security-related tasks in AWS serverless environments
  • Drive improvements in the broader security posture, including application security, endpoint security, access management and just-in-time access, email and web gateways, browser security, and data loss prevention
  • Collaborate with product engineering teams to raise the bar for security, supporting CI/CD pipelines, dependency management, and secure application design reviews
  • Help secure and improve the AWS organisation using infrastructure as code, enforcing security controls and ensuring strong tenant isolation
  • Continuously assess vulnerabilities and perform regular risk assessments

What You'll Need to Succeed

  • 4+ years of engineering experience in a security engineer or security-adjacent role
  • Familiarity with compliance frameworks such as SOC, HIPAA, and/or HITRUST
  • 4+ years working with AWS services, including AWS Organizations, AWS CloudTrail, AWS Config, Security Hub, and GuardDuty
  • Proficiency in TypeScript
  • Ability to prioritise work based on business and customer needs
  • High bandwidth with thoughtful attention to many areas simultaneously
  • Ability to context switch as priorities shift
  • Philosophical alignment with the organisation's standards and unwritten laws

What's In It for You

  • Remote role
  • Permanent opportunity
  • Salary: USD 200,000 - 300,000 / Year

Get notified about your perfect job

Send us your CV and we'll message you when we find a good match.

upload CV