Senior Security Engineer

Company Overview: 

Designed for beauty, built for growth, PatientNow brings clinical-grade EMR with intuitive charting, smart AI automation, advanced photography, marketing, patient engagement, and seamless practice management into one elegant system. Everything works together naturally, helping clients create a smooth, intentional patient experience from consultation to checkout. Supported by a U.S.-based team that understands the pace and artistry of aesthetics, PatientNow provides the technology and partnership to scale with confidence.


Vision: Empowering practices and businesses to improve health and wellness worldwide by helping their clients look and feel their best.


Mission: PatientNow is elevating businesses focused on beauty, wellness and medical aesthetics with innovative, all-in-one software and consulting service solutions. People who partner with us stand out in the industry with strong market differentiation, while streamlining operations for long term success and sustainable growth.


Values:

  • Show up – being present and supportive: for each other through collaboration and respect, for our customers with exceptional service, and for the business with dedication to excellence and growth.
  • Own the outcome – by understanding the objective, exceeding expectations with pride, confirming resolution, communicating early and often, and continuously learning and improving.
  • Be Authentic – by sharing thoughts and opinions, keeping promises, showing your true self, and engaging with respect.


Position Summary:

PatientNow is seeking a Senior Cybersecurity Engineer to lead and strengthen the security of our AWS-based healthcare SaaS platform. This role is responsible for securing cloud infrastructure, driving PCI DSS implementation, and maintaining HIPAA and SOC 2 compliance.

This is a high-ownership role within a growth-stage organization where the candidate will wear multiple hats, serving as cloud security architect, incident response lead, compliance partner, vulnerability management owner, and team mentor, while mentoring two Junior Security Engineers.


Essential Duties and Responsibilities:

  • Lead Cloud Security Posture Management (CSPM) across AWS
  • Architect and harden AWS infrastructure including IAM, VPC, S3, WAF, encryption, and segmentation
  • Monitor and respond to security events using AWS security services including GuardDuty, Security Hub, CloudTrail, AWS Config, IAM Access Analyzer, WAF, and Inspector
  • Administer and optimize security tooling including CrowdStrike EDR, Tenable vulnerability management, and Aikido Security for code and application security posture management
  • Develop and maintain incident response processes and lead forensic investigations
  • Own the vulnerability management lifecycle including scanning, prioritization, remediation tracking, and reporting
  • Drive PCI DSS implementation and support HIPAA and SOC 2 audit readiness
  • Conduct risk assessments and implement mitigation controls
  • Support Business Continuity and Disaster Recovery (BC/DR) security initiatives
  • Partner cross-functionally to embed security into SDLC, DevOps, SRE, and CI/CD workflows

Supervisory Responsibilities

  • Provide oversight, mentorship, and task prioritization for two Junior Security Engineers
  • Review security configurations, remediation efforts, and compliance deliverables including PCI DSS controls
  • Lead team coordination for SOC 2, HIPAA, and PCI audits, evidence collection, and remediation tracking
  • Support performance feedback and professional development
  • Foster a culture of accountability, technical excellence, and regulatory compliance


Competencies: To perform the job successfully, an individual should demonstrate the following.

  • Adaptability - Demonstrates persistence and overcomes obstacles. Measures self against standard of excellence. Recognizes and acts on opportunities. Sets and achieves challenging goals. Takes calculated risks to accomplish goals.
  • Business Ethics – Inspires the trust of others. Keeps commitments. Treats people with respect. Upholds organizational values. Works with integrity and ethically.
  • Communications - Exhibits good listening and comprehension. Expresses ideas and thoughts in written form. Expresses ideas and thoughts verbally. Keeps others adequately informed. Selects and uses appropriate communication methods.
  • Continuous Learning - Assesses own strengths and weaknesses. Pursues training and development opportunities. Seeks feedback to improve performance. Shares expertise with others. Strives to continuously build knowledge and skills.
  • Problem Solving - Develops alternative solutions. Gathers and analyzes information skillfully. Identifies problems in a timely manner. Resolves problems in early stages. Works well in group problem solving situations.
  • Teamwork - Balances team and individual responsibilities. Contributes to building a positive team spirit. Exhibits objectivity and openness to others' views. Gives and welcomes feedback. Puts success of team above own interests.


Education/Experience:

  • Bachelor’s degree in a technical field or equivalent experience
  • 6 to 10 years of cybersecurity experience including strong AWS cloud expertise
  • Hands-on experience with AWS security services including GuardDuty, Security Hub, CloudTrail, Config, IAM, WAF, and Inspector
  • Experience with CrowdStrike, Tenable, and application security tooling such as Aikido Security
  • Proven PCI DSS implementation experience required
  • Strong knowledge of HIPAA and SOC 2 frameworks
  • Experience in incident response, vulnerability management, and audit support
  • Demonstrated leadership and mentorship experience
  • Ability to operate independently in a fast-paced, growth-stage healthcare SaaS environment
  • Experience securing environments handling PHI preferred
  • AWS Certified Security Specialty, CISSP, CCSP, or similar certifications preferred


Why You’ll Thrive Here:

In this role, you’ll get to: 

  • Work at the intersection of innovation and impact, helping real-world practices grow and thrive in a rapidly expanding market;
  • Collaborate with a talented, curious team that values experimentation, learning, and customer empathy;
  • Be empowered to lead with autonomy while supported by strong leadership and product discipline; and
  • Help modernize aesthetics software in an industry that’s ripe for transformation through innovative, AI-native technology.


Physical Demands: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

While performing the duties of this job, the employee is regularly required to sit at a desk and work on a computer for prolonged periods.


The above job description is not intended to be an all-inclusive list of duties and standards of the position. Incumbents will follow any other instructions, and perform any other related duties, as assigned by their supervisor.


Note: PatientNow jobs are listed on our careers page patientnow.com/careers and select job boards. We will never ask for payment or sensitive info. Official emails come from @patientnow.com, @recura.ai or mail@ats.rippling.com


The pay range for this role is:

140,000 - 160,000 USD per year (Remote (United States))

Research & Development

Remote (United States)
