Security Engineer

Company Profile

Hyperfine (NASDAQ: HYPR) is the groundbreaking MedTech company that created Swoop, the world’s first FDA-cleared portable magnetic resonance imaging (MRI) system capable of providing neuroimaging at the point of care. Our mission is to transform patient care by creating access to life-saving diagnostics and actionable data at the point of care.

Today, eighty percent of the world’s population lacks access to MRI. Hyperfine is on a mission to address the limitations of current imaging technologies and make MR imaging accessible anytime and anywhere.

Do you have a background in magnetic resonance imaging, deep learning, electrical engineering, physics, or related fields? What about health equipment sales, business development, or marketing? Hyperfine lives and works on the cutting edge of medical imaging accessibility. If you enjoy a challenge as much as you value a committed workplace, we could be the next step in your rising career.

Job Title: Security Engineer

Location: Guilford, CT

Summary:

The Security Engineer will be responsible for protecting Hyperfine’s computer systems, networks, cloud environments and facilities.  The position is an integral part of operations and IT and supports the performance, security and maintenance of Hyperfine’s in-house and outsourced infrastructure.  The Security Engineer will work closely with various parts of the organization to improve policies, processes and new product and feature introductions.  This person will also ensure platforms are efficiently monitored, measured and managed to align with the business expectations and that all compliance requirements are met including, but not limited to:  HIPAA, SOC2, HITRUST and federal and state security and compliance regulations.  To be successful, the Security Engineer should be customer focused (both internal and external), comfortable working as a partner in all aspects of security, technically adept and enjoy working in a fast-paced start-up environment.  This position will be on the IT & Security Team and will report to the Head of IT & Security.

Responsibilities:

• Assist with the implementation of security monitoring tools and programs
• Monitor Hyperfine environments for security breaches or intrusions and track for irregular system behavior and patterns
• Review periodic scans (daily, monthly, quarterly) of networks and penetration testing and remediate where necessary
• Communicate reports, findings and objectives of security team to management team
• Support the development of a set of security standards and best practices and recommend security enhancements
• Maintain assessments, remediation, incident management and auditability
• Drive the adoption of forward-thinking technology in a rapid growth environment with consideration of compliance standards and requirements (ex: SOC2, HITRUST)
• Identify unique cutting-edge solutions to business problems leveraging technology
• Ensure PHI data is properly maintained through the entire product and environment lifecycle
• Maintain a strict security posture for office, lab and hosted environments ensuring adherence to compliance standards and requirements (ex: SOC2, HITRUST)
• Support strategies to respond to and recover from a security breach
• Support development of staff education models regarding information security
• Ensure compliance and audit requirements are met on a regular basis
• After-hours work when necessary

Knowledge & Skill:

• Familiarity with security monitoring systems and tools
• Experience working with and protecting PHI/healthcare data
• Efficient & Speedy - you get work done in a fraction of the time as industry peers
• Intellectually Curious - you are thoughtful & inquisitive; people enjoy working with you because they learn from you
• Mission-Driven & Committed - you are passionate about the company's purpose and are immensely productive
• Team Oriented - you celebrate and take joy in the success of others on the team

Education/Experience Required:

• Bachelor's degree or equivalent experience
• 5+ years of relevant security experience
• 5+ years implementing and supporting security environments that adhere to compliance standards and requirements (ex: SOC2, HITRUST)
• Knowledge of security and encryption
• Knowledge of risk assessment tools, technologies and methods
• Knowledge of disaster recovery, computer forensic tools, technologies and methods
• Strong understanding of file integrity monitoring and data loss prevention
• Experience with G-Suite, Microsoft Office 365 and other cloud-based services in regard to security and best practices
• Experience with cloud-based storage (i.e., Google Drive, Dropbox, etc.) in regard to security and best practices
• Experience with OKTA, G-Suite, Mobile Device Management (MDM), Multi-factor Authentication (MFA), RDP, VPN in regard to security and best practices
• Experience with WIN10 and MacOS; iOS and Android in regard to security and best practices

Physical Demands:

• Ability to speak, write, and use all office equipment including scanner and printer, phone, computer, etc.
• Available nights, weekends, and holidays when needed (both scheduled and unscheduled)
• Both onsite and remote work. Onsite work required as needed per tasks and engagements that require onsite availability.