Senior Security Engineer

Everlab is pioneering the next era of healthcare proactive personalised and most importantly accessible to all. About Us Everlab is an early stage HealthTech startup that recently announced a $15m Seed stage round building tech-enabled healthcare that improves and extends quality of life using cutting-edge medical research and technology. Our products design and coach our members through personalised risk-management and health-optimisation protocols over months and years to measurably improve lives. Our founding team is experienced in the Medical industry including the preventative health specialist who founded Australias first full-body MRI clinic to serial entrepreneurs that have scaled unicorns and have $500m in exits. Our mission is to solve high-impact problems in healthcare that have never been tackled before which isnt easy. We look for people that are excited by this mission and the challenges they bring as our team is driven to solve these problems together. Our Engineering team is Sydney based with 2-3 days a week in office in the CBD. About the role We're looking for a Senior Security Engineer who will define and execute Everlabs comprehensive cyber security strategy while being the hands-on technical lead for all security initiatives. Work directly with our Head of Engineering and IT team to build security from the ground up establishing the foundation for a world-class security program that protects our members health data and enables sustainable growth. You'll be instrumental in implementing security guardrails and automated controls across our AWS-native infrastructure while leading critical compliance certifications including IRAP and SOC 2. This is a unique opportunity to establish security practices in a high-growth healthtech environment building the roadmap for a future security team while ensuring we meet the rigorous requirements of healthcare and government clients. Responsibilities Security Strategy & Leadership Define and execute Everlabs end-to-end cyber security strategy across people process and technology Be the hands-on technical lead for security while also setting long-term policy and governance direction Collaborate closely with DevOps and Engineering teams to design secure infrastructure and deployments Define the roadmap for growing a security function with the right mix of engineering GRC and operations Risk Management Compliance & Accreditation Lead and maintain certifications such as IRAP and SOC 2 and prepare for others (e.g. ISO 27001 FedRAMP) Build and enforce internal policies secure coding practices and third-party risk frameworks Manage accreditation processes and coordinate with external auditors Secure Architecture & Implementation Implement guardrails automated controls IAM policies monitoring and alerting directly in AWS (e.g. Fargate RDS API Gateway) Review and enhance security in CI / CD container orchestration source code and dependencies Deploy policy-as-code frameworks for automated compliance validation Create security guardrails that guide developers towards secure choices Monitoring Detection & Incident Response Deploy and manage tooling for real-time threat detection and vulnerability management Lead incident response and postmortem processes; improve playbooks detection rules and recovery systems Simulate attacks or perform internal penetration tests to validate defenses Build automated incident detection and response capabilities Stakeholder Engagement & External Representation Act as the senior point of contact for all security-related questions from customers partners auditors and government bodies Clearly communicate risk posture and mitigation plans to executives and the Board Promote security awareness and accountability throughout the company especially within the product team What we are looking for 7 years of experience in hands Information Security roles ideally within SaaS or technology-driven businesses Engineering background with hands-on technical experience (e.g. ex pen tester security engineer) Strong understanding of compliance frameworks such as IRAP SOC 2 ISO27001 GDPR and other data protection regulations Hands-on experience managing accreditation processes and audits Proven track record in risk management security operations and incident response Technical Skills Cloud Security : AWS (Fargate RDS API Gateway IAM) Compliance Automation : Policy-as-code frameworks automated audit tools Vanta experience preferred Security Tools : SAST / DAST integration vulnerability management threat detection platforms Infrastructure : Experience with secure AWS-native architectures and SaaS security Languages : Python Go or similar for security automation and tooling CI / CD Security : Securing development pipelines and container orchestration Healthcare & Compliance Knowledge Experience with healthcare compliance requirements and data protection regulations Understanding of government client requirements and security expectations Knowledge of risk assessment methodologies and security frameworks Familiarity with Australian healthcare and government regulations (preferred) Leadership & Communication Skills Exceptional communication skills with the ability to engage technical and non-technical stakeholders Experience working with government clients highly desirable Ability to translate complex security concepts into business language Track record of building security culture and awareness programs Experience setting up security programs from scratch What we offer in return Hybrid working with 2-3 days a week in the office and flexibility for appointments school drop offs etc You go through the Everlab health program for free for your health benefit but also for you to experience the product like a customer Equity (ESOP) A company culture of highly motivated and driven people that all want to work with the best and be part of building something meaningful Opportunity to build and lead a security function from the ground up Direct impact on protecting healthcare data and enabling accessible healthcare technology Key Skills Car Driving,Access,CFA,Excel,Irrigation,Marine Services Employment Type Full Time Experience years Vacancy 1 #J-18808-Ljbffr