Heartflow is looking to solve the problem of advancing the diagnosis and management of coronary artery disease using cutting-edge technology, specifically by protecting patient data and medical device ecosystem through reliable security infrastructure.
Requirements
- Programming Skills – Experience delivering automation and integration projects, preferably in Python.
- Infrastructure as Code & Cloud – Familiarity with AWS (or equivalent cloud providers) and configuration tools (Terraform, Chef, Ansible).
- Experience with containerization (Docker, Kubernetes) and orchestration (GitHub Actions or similar).
- Able to demonstrate a track record of driving improvements to a company’s infrastructure security posture.
- Security Communication – Ability to reason about risk in complex environments and communicate that risk to technical and non-technical audiences.
Responsibilities
- Develop security monitoring and alerting systems for Heartflow’s global corporate and production systems.
- Build and administer security tooling through a combination of AWS infrastructure, customization and integration with vendors.
- Collaborate with the Heartflow Platform and SRE teams to implement security strategy for Heartflow’s cloud infrastructure.
- Actively participate in Heartflow’s security incident response process.
- Drive automation of manual security processes for compliance and reporting.
Other
- BS in Computer Science (or related degree) or relevant certifications and equivalent experience.
- 4+ years experience as a software engineer in an information security or infrastructure engineering discipline.
- Regulated Environment Readiness – Understanding of—or willingness to learn—compliance, documentation, and quality requirements in medical or similarly regulated fields.
- Healthcare Experience – Current knowledge of HIPAA, HITRUST and the complexities of working in a regulated environment.
- Experience with Software as a Medical Device (SaMD) is especially valuable.
