Security Analyst (m/f/d) – Remote

At DrAnsay we are building digital medical services that make healthcare more accessible, efficient, and scalable. Our platform connects technology, medical expertise, and data-driven decision-making to deliver real value for patients and providers — at scale and across markets.

As a fast-growing HealthTech company, Security is becoming a key pillar of our engineering organization — and you will play a central role in shaping it.

You will join a modern, cloud-native environment built on:

Take ownership of application and cloud security across our services, APIs, mobile apps, and Kubernetes-based GCP infrastructure, ensuring pragmatic, scalable, and developer-friendly security standards.

You will work closely with engineering and leadership, contribute to architectural decisions, and have high visibility across the organization while remaining deeply hands-on.

• →

  Conduct hands-on penetration testing (Node.js/TypeScript, APIs, iOS/Android), including tools such as Burp Suite

• →

  Identify and remediate vulnerabilities (e.g., auth bypass, injection, deserialization flaws)

• →

  Define and implement secure API standards (JWT/OAuth, TLS/mTLS, validation, rate limiting, CORS)

• →

  Harden infrastructure (Kubernetes/GCP, Postgres, Redis/BullMQ) and secure mobile applications

• →

  Establish and continuously improve Secure SDLC practices (threat modeling, reviews, SAST/DAST in CI/CD)

• →

  Implement automated monitoring (eBPF, Falco) and support incident response

• →

  Contribute to GDPR, ISO 27001, and SOC 2 initiatives
  

This role offers a high level of ownership and autonomy. You will have the space to bring in your ideas, introduce pragmatic improvements, and shape security standards in a growing engineering organization.