Senior Cybersecurity Engineer

Impiricus is the first and only AI-powered HCP Engagement Engine. In 2025, Deloitte named Impiricus the #1 fastest growing company in North America for their prestigious Fast 500 list. Founded by a practicing physician and a senior pharmaceutical executive, Impiricus was created to transform how life sciences companies support physicians. We ethically connect HCPs to pharma resources, reduce go-to-market costs and accelerate patient access to the treatments they need.

With our unique access to the largest opted-in network of HCPs, their insights, and clinical expertise, we are the leading provider of AI technology and real-time channels that life science companies need to deliver clear, reliable, and evidence-based resources directly into the hands of HCPs. Guided by a council of 2000+ trusted HCP advisors, we ensure every interaction is clinically meaningful, ethically grounded and leads to better patient care.

As a Senior Cybersecurity Engineer at Impiricus, you will lead the security vision and execution for complex, cross-product initiatives across our platform. You’ll serve as a principal contributor to the design and implementation of secure cloud infrastructure, application security, and threat detection capabilities, partnering closely with engineering, product, and leadership to protect and evolve our AI-driven healthcare engagement stack. You will shape security strategy, establish best practices, and drive high-impact security outcomes across multiple teams and domains.

• →Own and lead Impiricus’s security architecture across AWS, including identity, network security, data protection, and secure cloud-native services.
• →Serve as the primary owner of SOC 2 compliance, including control design, evidence collection, audit coordination, and continuous improvement of the control environment.
• →Design and implement application and infrastructure security controls across the SDLC, partnering with engineering teams to embed security by design.
• →Lead threat modeling, risk assessments, and security reviews for new products, features, and cross-platform initiatives.
• →Build and operate detection and response capabilities, including logging, monitoring, alerting, and incident response processes in AWS.
• →Define and enforce security standards, policies, and best practices, balancing strong security posture with developer velocity.
• →Partner with product, legal, and leadership to translate regulatory, customer, and business requirements into actionable security initiatives.
• →Mentor engineers and act as a security thought leader across the organization, raising the overall security maturity and culture.

• 7+ years of experience in cybersecurity, application security, or cloud security roles.
• Bachelor’s degree in Computer Science or a closely related technical field.
• Strong hands-on experience securing production environments in AWS.
• Hands-on experience with Crowdstrike.
• Hands-on experience planning, executing, and reviewing penetration tests (internal and third-party), including driving remediation efforts.
• Practical experience implementing, tuning, and operationalizing DAST and SAST tools within CI/CD pipelines.
• Deep understanding of secure software development practices, threat modeling, and vulnerability management.
• Experience supporting compliance initiatives such as SOC 2, including audit preparation, evidence collection, and coordination with internal stakeholders.
• Ability to provide timely support during critical cybersecurity incidents, including occasional after-hours response when required.
• Strong communication skills with the ability to translate security findings into clear, actionable guidance for engineering and leadership.
• Healthcare compliance experience (e.g., HIPAA) and distributed team experience are a plus.

Where you land within the range will reflect your skills, experience, and location, while keeping team parity in mind and leaving room for future growth.