Take ownership of application and cloud security across services, ensuring scalable and developer-friendly security standards in a HealthTech environment.
About Us:
At DrAnsay we are building digital medical services that make healthcare more accessible, efficient, and scalable. Our platform connects technology, medical expertise, and data-driven decision-making to deliver real value for patients and providers — at scale and across markets.
As a fast-growing HealthTech company, Security is becoming a key pillar of our engineering organization — and you will play a central role in shaping it.
You will join a modern, cloud-native environment built on:
Tech Stack:
TypeScript, Node.js, tRPC, gRPC, REST APIs
Postgres, Redis/BullMQ
Google Cloud Platform (GCP), Kubernetes
Prometheus, Grafana
iOS (Swift), Android (Kotlin/Java)
We are looking for a hands-on Security Specialist who wants to bring their expertise into this stack and actively shape how security is embedded across architecture, development, and infrastructure.
Your Mission:
Take ownership of application and cloud security across our services, APIs, mobile apps, and Kubernetes-based GCP infrastructure, ensuring pragmatic, scalable, and developer-friendly security standards.
You will work closely with engineering and leadership, contribute to architectural decisions, and have high visibility across the organization while remaining deeply hands-on.
Your Responsibilities:
Conduct hands-on penetration testing (Node.js/TypeScript, APIs, iOS/Android), including tools such as Burp Suite
Identify and remediate vulnerabilities (e.g., auth bypass, injection, deserialization flaws)
Define and implement secure API standards (JWT/OAuth, TLS/mTLS, validation, rate limiting, CORS)
Harden infrastructure (Kubernetes/GCP, Postgres, Redis/BullMQ) and secure mobile applications
Establish and continuously improve Secure SDLC practices (threat modeling, reviews, SAST/DAST in CI/CD)
Implement automated monitoring (eBPF, Falco) and support incident response
Contribute to GDPR, ISO 27001, and SOC 2 initiatives
This role offers a high level of ownership and autonomy. You will have the space to bring in your ideas, introduce pragmatic improvements, and shape security standards in a growing engineering organization.
Your Profile:
Solid hands-on experience in application and/or cloud security
Experience with Kubernetes and GCP
Strong understanding of API security (OWASP API & Mobile Top 10)
Experience securing Node.js/TypeScript systems
Comfortable working independently and driving initiatives forward
Nice to have:
CISSP, CKS, CCSP, OSCP | Container scanning | GCP IAM | Automation scripting
What We Offer:
Remote work & flexible setup
Professional development & certification budget
A role with real ownership and strong visibility
High impact in a high-growth environment
Flexible Work Hours
Remote work & flexible setup
Learning Budget
Professional development & certification budget
Dr. Ansay is pioneering the digital health landscape by offering a robust platform that makes medical services accessible and user-friendly for millions. With over 3 million online treatments provided, we connect patients with doctors and pharmacies, delivering innovative solutions like digital prescriptions and sick notes. Our mission is to create a simpler, faster, and more secure healthcare experience for everyone.
Please mention you found this job on AI Jobs. It helps us get more startups to hire on our site. Thanks and good luck!
Understand the required skills and qualifications, anticipate the questions you may be asked, and study well-prepared answers using our sample responses.
Security Analyst Q&A's