Senior Security Engineer, Application & Cloud

About Rad AI

At Rad AI, we’re on a mission to transform healthcare with artificial intelligence. Founded by a radiologist, our AI-driven solutions are revolutionizing radiology—saving time, reducing burnout, and improving patient care. With one of the largest proprietary radiology report datasets in the world, our AI has helped uncover hundreds of new cancer diagnoses and reduced error rates in tens of millions of radiology reports by nearly 50%.

Rad AI has secured over $140M in funding, including a recently oversubscribed $60M Series C round led by Transformation Capital, bringing our valuation to $525M. Our investors include Khosla Ventures, World Innovation Lab, Gradient Ventures, Cone Health Ventures, and others—all backing our mission to empower physicians with cutting-edge AI.

Our latest advancements in generative AI are used by thousands of radiologists daily, supporting more than one-third of radiology groups and healthcare systems and nearly 50% of all medical imaging in the U.S. at partners including Cone Health, Jefferson Einstein Health, Geisinger, Guthrie Healthcare System, and Henry Ford Health.

Recognized as one of the most promising healthcare AI companies by CB Insights and AuntMinnie, and ranked by Deloitte as the 19th fastest-growing company in North America, we are building AI-powered solutions that make a real impact.

If you’re ready to shape the future of healthcare, we’d love to have you on our team!

Why Join Us: 

We’re a fast-growing SaaS company building healthcare applications where security is critical, not just for compliance, but for trust. We’re looking for a Senior Cybersecurity Engineer with hands-on experience across both application and cloud security, driving execution and raising the security bar across our stack.

Picture a critical healthcare workflow depending on our platform around the clock, your work will help ensure every byte of data stays secure, each line of code remains resilient, and every cloud resource stands hardened against tomorrow’s threats. You won’t just find vulnerabilities; you’ll engineer the guardrails that let our teams innovate at speed without breaking things. From automating security checks in a bleeding-edge CI/CD pipeline to embedding robust controls that uphold our clients’ strict compliance needs, you’ll be the force multiplier empowering Rad AI to redefine what AI can do for healthcare. If you thrive on building world-class AppSec and CloudSec capabilities and take pride in protecting both software and the people who rely on it, this is your seat at the table.

This role will report to the Director of IT and Cybersecurity.

What You’ll Be Doing:

• Application Security (AppSec):

  • Integrate and manage security tools across CI/CD pipelines (SAST, SCA, IaC, container scanning) to ensure issues are caught early, before they impact production.

  • Perform code and system security assessments, then partner with developers to triage and remediate vulnerabilities quickly and effectively.

  • Conduct architectural reviews to uncover design-level risks, clearly documenting threats and mitigation strategies that shape secure system designs.

  • Champion secure coding practices through education and engagement, helping teams adopt a security-first mindset in their workflows.

  • Contribute to security policies, design standards, and development guidelines that raise the security bar across the company.

• Cloud Security (CloudSec):

  • Continuously assess and strengthen our AWS cloud environments (and other cloud platforms) to reduce risk and increase resilience.

  • Proactively detect and remediate misconfigurations in IAM, networking, encryption, and workloads to minimize exposure and reduce risk.

  • Collaborate with DevOps to secure infrastructure-as-code by implementing automated policy enforcement and cloud security benchmarks.

• Additional Responsibilities:

  • Monitor and respond to alerts from security tools (IDS/IPS, SIEM, EDR), helping us to detect threats early and enable fast, informed responses.

  • Develop and maintain incident response plans, playbooks, and tooling to ensure swift and coordinated responses to security events.

  • Drive security-focused projects from start to finish, including tool rollouts, vulnerability remediation efforts, and cloud hardening initiatives.

Who We’re Looking For:

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.

• 4+ years of experience in Application Security.

• 2+ years of experience in DevSecOps or Cloud Security.

• Demonstrated knowledge of security frameworks and standards (e.g., OWASP ASVS, NIST SSDF, AWS Well-Architected Framework).

• Experience with security tools and technologies (e.g., Kubernetes, Snyk, Wiz, GitHub Actions, AWS GuardDuty).

• Strong project management skills and the ability to manage multiple projects simultaneously.

Nice to Haves:

• Professional certifications such as CCSP, CEH, CSSLP , AWS Certified Security - Specialty or equivalent are highly desirable.

Join our world-class team as we build and deploy AI solutions that empower physicians and transform patient care—making a meaningful impact on millions of lives. Driven by our mission,  we prioritize transparency, inclusion, and close collaboration, bringing together exceptional people to revolutionize healthcare. If you're passionate about driving innovation and delivering impactful healthcare solutions, we'd love to hear from you!

For US-Based Full-Time Roles, Rad AI offers a variety of benefits, including:

• Comprehensive Medical, Dental, Vision & Life insurance

• HSA (with employer match), FSA, & DCFSA 

• 401(k)

• 11 Paid Company Holidays

• Location Flexibility (Remote-first company!)

• Flexible PTO policy

• Annual company-wide offsite

• Periodic team offsites

• Annual equipment stipend

• For roles based outside the US, your recruiter can share more details

At Rad AI, we value diversity and provide equal employment opportunities (EEO) to all employees and applicants without regard to race, color, religion, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the San Francisco Fair Chance Ordinance.

Please be vigilant regarding job scams. We advise all candidates to apply directly through our official careers page. Our recruiters will use email addresses with the domain @radai.com or no-reply@ashbyhq.com.