Senior Cybersecurity Engineer

Title: Senior Cybersecurity Engineer

Employment Type: Full Time

Location: DocGo HQ: 35 West 35th Street, New York, NY 10001

Annual Salary Range: $155,000 - $170,000

Benefits: Medical, Dental, and Vision (with company contribution), Paid Time Off, 401k

About DocGo:
DocGo is leading the proactive healthcare revolution with an innovative care delivery platform that includes mobile health services, population health, remote patient monitoring, and ambulance services. DocGo disrupts the traditional four-wall healthcare system by providing high quality, highly affordable care to patients where and when they need it. DocGo's proprietary, AI-powered technology, logistics network, and dedicated field staff of over 5,000 certified health professionals elevate the quality of patient care and drive efficiencies for municipalities, hospital networks, and health insurance providers. With Mobile Health, DocGo empowers the full promise and potential of telehealth by facilitating healthcare treatment, in tandem with a remote physician, in the comfort of a patient's home or workplace. Together with DocGo's integrated Ambulnz medical transport services, DocGo is bridging the gap between physical and virtual care.

Position Overview: 

As a Senior Cybersecurity Engineer at DocGo, you will play a crucial role in safeguarding our infrastructure and protecting sensitive patient data across our mobile health services platform. Responsible for implementing robust security measures, developing vulnerability management processes, and driving secure DevOps practices, you will lead efforts to enhance our cybersecurity posture in a rapidly evolving threat landscape. Leveraging your expertise in cloud security, incident response, and compliance, you will spearhead initiatives to optimize our security operations, foster a culture of security awareness, and ensure the integrity of our innovative healthcare solutions. With a focus on proactive defense and continuous improvement, you will navigate complex regulatory requirements while collaborating with cross-functional teams to integrate security best practices throughout our software development lifecycle. Join us in making a significant impact on the security and trust of our mobile health services, as we strive to revolutionize patient care through technology.

Responsibilities:

• Strategically lead and implement cybersecurity measures across DocGo's infrastructure.

• Develop and refine vulnerability management processes, ensuring timely identification and mitigation of security risks.

• Drive the integration of security best practices into the DevOps pipeline, fostering a security culture within the organization.

• Monitor security metrics and implement continuous improvement initiatives in partnership with the IT and development teams.

• Architect and implement new security solutions aimed at enhancing our resilience and effectiveness, including the establishment of incident response protocols and threat detection procedures.

• Collaborate with third-party security vendors and manage security tool integrations to ensure a robust and layered defense strategy.

• Ensure compliance with HIPAA and other relevant healthcare security regulations, providing guidance on data protection and privacy requirements.

• Implement strategies to proactively address emerging threats, ensuring the ongoing security of our mobile health platforms and patient data.

• Collaborate with other departments to develop and implement security awareness programs that meet the needs of our diverse workforce.

• Stay informed about cutting-edge security technologies and methodologies, incorporating new approaches to strengthen our security posture.

• Maintain comprehensive documentation of security policies, procedures, and incident reports in accordance with organizational policies and legal requirements.

• Participate in planning for security initiatives, evaluate security investments, and make recommendations for resource allocation.

Qualifications:

• Relevant cybersecurity certifications (e.g., CISSP, CCSP, CCSK) highly preferred.

• Proven experience (5+ years) in cybersecurity roles with increasing levels of responsibility, including hands-on experience with cloud security, vulnerability management, and incident response.

• Strong technical abilities with demonstrated success in implementing and managing security tools, cloud platforms (especially AWS), and DevSecOps practices.

• Knowledge of programming languages such as Python, Go, Rust or similar.

• Specific experience with Wiz, AWS Security tools, Microsoft Sentinel and Datadog is a plus.

• Excellent problem-solving and analytical skills, with the ability to think creatively and adapt to rapidly changing threat landscapes.

• Experience with industry security frameworks (CIS, NIST CSF etc.)

• Knowledge of regulatory requirements and standards applicable to healthcare cybersecurity, particularly HIPAA.

• Commitment to maintaining high ethical standards and promoting a culture of security consciousness and professionalism.