Job Title
Security Engineer, Detection & Response
Salary
Not Disclosed
Company Description
Doxy.me is a leading global telehealth platform trusted by over one million healthcare providers to deliver secure care across 180+ countries. As a HIPAA-regulated service, Doxy.me connects patients and providers through innovative technology and world-class design, ensuring that healthcare remains accessible and secure for millions of users worldwide.
Job Description
You will be the first dedicated Detection & Response engineer at Doxy.me, building the function from the ground up. You’ll own the detection lifecycle using a detection-as-code approach, building telemetry pipelines, and responding to threats across a cloud-native AWS platform to protect sensitive patient data for millions of providers and patients worldwide.
Location
London, UK (Remote)
Why this role is remarkable
- Greenfield opportunity to shape the entire detection and response function from scratch, defining the tooling, strategy, and roadmap for a global healthcare platform.
- High-impact position where you’ll protect sensitive medical data for over a million providers and their patients in a mission-driven, HIPAA-regulated environment.
- Work in a senior-heavy, autonomous team with no SOC manager, allowing you to drive engineering-led security initiatives using modern tools like Datadog and AWS.
What You Will Do
- Own the end-to-end detection lifecycle by researching threats and writing rules as code deployed via CI/CD pipelines rather than manual SIEM configuration.
- Build and maintain critical telemetry pipelines to gain deep visibility into application, infrastructure, and identity activity across the cloud-native ecosystem.
- Lead incident response efforts, including investigation and containment, while building automated response workflows that integrate directly with AWS and identity systems.
The ideal candidate
- Proven experience in detection engineering with a strong software engineering background in Python or TypeScript, prioritizing automation over manual security operations.
- Deep technical expertise in AWS and cloud-native infrastructure, with the ability to correlate signals across complex data sources using SQL and Datadog.
- Self-directed professional comfortable with ambiguity who can partner with product teams on threat modeling to identify security opportunities early in the design phase.
#J-18808-Ljbffr…
