Senior Software Engineer, Security
Heartflow is a medical technology company advancing the diagnosis and management of coronary artery disease, the #1 cause of death worldwide, using cutting-edge technology. The flagship product—an AI-driven, non-invasive cardiac test supported by the ACC/AHA Chest Pain Guidelines called the Heartflow FFRCT Analysis—provides a color-coded, 3D model of a patient’s coronary arteries indicating the impact blockages have on blood flow to the heart. Heartflow is the first AI-driven non-invasive integrated heart care solution across the CCTA pathway that helps clinicians identify stenoses in the coronary arteries (RoadMap™Analysis), assess coronary blood flow (FFRCT Analysis), and characterize and quantify coronary atherosclerosis (Plaque Analysis). Our pipeline of products is growing and so is our team; join us in helping to revolutionize precision heartcare.
Heartflow is a publicly traded company (HTFL) that has received international recognition for exceptional strides in healthcare innovation, is supported by medical societies around the world, cleared for use in the US, UK, Europe, Japan and Canada, and has been used for more than 400,000 patients worldwide.
The Heartflow Information Security team is responsible for security across our corporate and product environments, protecting our patient data and medical device ecosystem. We are looking for a builder that loves the challenge of creating reliable security infrastructure that provides a secure happy path and enables teams to build life-saving products.
The initial focus will be on customizing security detection and automating response but the portfolio of tools and projects spans our cloud infrastructure and will include automation of reporting and compliance.
What You’ll Do:
- Develop security monitoring and alerting systems for Heartflow’s global corporate and production systems.
- Build and administer security tooling through a combination of AWS infrastructure, customization and integration with vendors.
- Collaborate with the Heartflow Platform and SRE teams to implement security strategy for Heartflow’s cloud infrastructure.
- Actively participate in Heartflow’s security incident response process.
- Drive automation of manual security processes for compliance and reporting.
What You Bring:
- Able to demonstrate a track record of driving improvements to a company’s infrastructure security posture.
- Security Communication – Ability to reason about risk in complex environments and communicate that risk to technical and non-technical audiences.
- Programming Skills – Experience delivering automation and integration projects, preferably in Python.
- Infrastructure as Code & Cloud – Familiarity with AWS (or equivalent cloud providers) and configuration tools (Terraform, Chef, Ansible). Experience with containerization (Docker, Kubernetes) and orchestration (GitHub Actions or similar).
- Education & Experience – BS in Computer Science (or related degree) or relevant certifications and equivalent experience. 4+ years experience as a software engineer in an information security or infrastructure engineering discipline.
- Regulated Environment Readiness – Understanding of—or willingness to learn—compliance, documentation, and quality requirements in medical or similarly regulated fields.
What Helps You Stand Out:
- Healthcare Experience – Current knowledge of HIPAA, HITRUST and the complexities of working in a regulated environment. Experience with Software as a Medical Device (SaMD) is especially valuable.
- Experience leveraging AI in security detection and response – Like all security teams, we want to leverage the latest technologies in a responsible and thoughtful manner.
A reasonable estimate of the base salary compensation range is $160,000 to $210,000 per year.
Create a Job Alert
Interested in building your career at Heartflow? Get future opportunities sent straight to your email.
Apply for this job
*
indicates a required field