Cyber Engineer

SecurityRemoteFull-time

About the Role

Secure and maintain our Next.js web application, backend services, and Supabase database handling sensitive HIPAA medical data. You'll implement comprehensive security measures, perform vulnerability assessments, and ensure compliance with healthcare data security standards.

Responsibilities

Secure and maintain a Next.js web application, backend services, and Supabase database handling sensitive HIPAA medical data
Implement and enforce web application security measures, including XSS, CSRF, SSRF prevention, secure cookie handling, and JWT management
Design and implement API security controls, including rate limiting with Upstash Redis
Perform vulnerability assessments and penetration testing using tools such as Nmap, Nessus, Burp Suite, Metasploit, and Wireshark
Configure and manage logging, intrusion detection, and SIEM systems such as Datadog to monitor for threats and anomalies
Apply Oracle Cloud security practices, including identity and access management, encryption, and compliance controls
Develop, enforce, and audit security policies to maintain HIPAA compliance
Conduct threat modeling, risk assessments, and incident response planning
Collaborate with developers, DevOps, and compliance officers to ensure security is integrated into all stages of development and operations

Required Qualifications

Strong knowledge of web application security best practices
Experience with API security design and implementation
Proficiency in vulnerability and penetration testing using industry-standard tools
Ability to set up monitoring and detection systems for real-time security visibility
Experience with Oracle Cloud security practices and architecture
Understanding of HIPAA requirements and healthcare data security
Strong problem-solving skills and ability to respond quickly to security incidents
Excellent documentation and communication skills
2–5 years of professional experience in software development or a related field
Must have at least one certification: CISSP, CISM, CompTIA Security+, CCSP, OSCP, CEH, or HCISPP
Strong communication and collaboration abilities
Proactive, self-driven, and committed to continuous learning
Ability to work in fast-paced, startup-like environments

Preferred Qualifications

Experience with Supabase security features such as Row Level Security and access control
Familiarity with secure DevOps practices, CI/CD pipeline security, and dependency scanning
Hands-on experience with cryptography, key management, and secrets management solutions
Knowledge of HITRUST, NIST, or other security frameworks for healthcare applications

Apply for this Position

Responsibilities

Secure and maintain a Next.js web application, backend services, and Supabase database handling sensitive HIPAA medical data

Implement and enforce web application security measures, including XSS, CSRF, SSRF prevention, secure cookie handling, and JWT management

Design and implement API security controls, including rate limiting with Upstash Redis

Perform vulnerability assessments and penetration testing using tools such as Nmap, Nessus, Burp Suite, Metasploit, and Wireshark

Configure and manage logging, intrusion detection, and SIEM systems such as Datadog to monitor for threats and anomalies

Apply Oracle Cloud security practices, including identity and access management, encryption, and compliance controls

Develop, enforce, and audit security policies to maintain HIPAA compliance

Conduct threat modeling, risk assessments, and incident response planning

Collaborate with developers, DevOps, and compliance officers to ensure security is integrated into all stages of development and operations

Required Qualifications

Strong knowledge of web application security best practices

Experience with API security design and implementation

Proficiency in vulnerability and penetration testing using industry-standard tools

Ability to set up monitoring and detection systems for real-time security visibility

Experience with Oracle Cloud security practices and architecture

Understanding of HIPAA requirements and healthcare data security

Strong problem-solving skills and ability to respond quickly to security incidents

Excellent documentation and communication skills

2–5 years of professional experience in software development or a related field

Must have at least one certification: CISSP, CISM, CompTIA Security+, CCSP, OSCP, CEH, or HCISPP

Strong communication and collaboration abilities

Proactive, self-driven, and committed to continuous learning

Ability to work in fast-paced, startup-like environments

Preferred Qualifications

Experience with Supabase security features such as Row Level Security and access control

Familiarity with secure DevOps practices, CI/CD pipeline security, and dependency scanning

Hands-on experience with cryptography, key management, and secrets management solutions

Knowledge of HITRUST, NIST, or other security frameworks for healthcare applications