At Rad AI, we’re on a mission to transform healthcare with artificial intelligence. Founded by a radiologist, our AI-driven solutions are revolutionizing radiology—saving time, reducing burnout, and improving patient care. With one of the largest proprietary radiology report datasets in the world, our AI has helped uncover hundreds of new cancer diagnoses and reduced error rates in tens of millions of radiology reports by nearly 50%. Rad AI has secured over $140M in funding, including a recently oversubscribed Series C ($68M round) led by Transformation Capital, bringing our valuation to $528M. Our investors include Khosla Ventures, World Innovation Lab, Gradient Ventures, Cone Health Ventures, and others—all backing our mission to empower physicians with cutting-edge AI. Our latest advancements in generative AI are used by thousands of radiologists daily, supporting more than one-third of radiology groups and healthcare systems and nearly 50% of all medical imaging in the U.S. at partners including Cone Health, Jefferson Einstein Health, Geisinger, Guthrie Healthcare System, and Henry Ford Health. Recognized as one of the most promising healthcare AI companies by CB Insights and AuntMinnie, and ranked by Deloitte as the 19th fastest-growing company in North America, we are building AI-powered solutions that make a real impact. Most recently, Rad AI was named to CNBC’s Disruptor 50 list, highlighting the innovation and momentum behind our mission. If you’re ready to shape the future of healthcare, we’d love to have you on our team! Why Join Us : We’re a fast-growing SaaS company building healthcare applications where security is critical, not just for compliance, but for trust. We’re looking for a Senior Security Engineer with hands-on experience across both application and cloud security, driving execution and raising the security bar across our stack. Picture a critical healthcare workflow depending on our platform around the clock. Your work will help ensure every byte of data stays secure, every line of code remains resilient, and every cloud resource is hardened against tomorrow’s threats. You won’t just find vulnerabilities—you’ll engineer the guardrails that let our teams innovate quickly without breaking things. From automating security checks in a cutting-edge CI/CD pipeline to embedding robust controls that meet our clients’ strict compliance needs, you’ll be the force multiplier empowering Rad AI to redefine what AI can do for healthcare. If you thrive on building world-class AppSec and CloudSec capabilities—and take pride in protecting both software and the people who rely on it—this is your seat at the table. This role will report to the Director of IT and Security. What You’ll Be Doing: Application Security (AppSec) : * Integrate and manage security tools across CI/CD pipelines (SAST, SCA, IaC, container scanning) to ensure issues are caught early, before they impact production. * Perform code and system security assessments, then partner with developers to triage and remediate vulnerabilities quickly and effectively. * Conduct architectural reviews to uncover design-level risks, clearly documenting threats and mitigation strategies that shape secure system designs. * Champion secure coding practices through education and engagement, helping teams adopt a security-first mindset in their workflows. * Contribute to security policies, design standards, and development guidelines that raise the security bar across the company. Cloud Security (CloudSec): * Continuously assess and strengthen our AWS cloud environments (and other cloud platforms) to reduce risk and increase resilience. * Proactively detect and remediate misconfigurations in IAM, networking, encryption, and workloads to minimize exposure and reduce risk. * Collaborate with DevOps to secure infrastructure-as-code by implementing automated policy enforcement and cloud security benchmarks. Additional Responsibilities: * Monitor and respond to alerts from security tools (IDS/IPS, SIEM, EDR), helping us to detect threats early and enable fast, informed responses. * Develop and maintain incident response plans, playbooks, and tooling to ensure swift and coordinated responses to security events. * Drive security-focused projects from start to finish, including tool rollouts, vulnerability remediation efforts, and cloud hardening initiatives. Who We’re Looking For: * Bachelor's degree in Computer Science, Information Technology, Security, or a related field. * 4+ years of experience in Application Security. * 2+ years of experience in DevSecOps or Cloud Security. * Demonstrated knowledge of security frameworks and standards (e.g., OWASP ASVS, NIST SSDF, AWS Well-Architected Framework). * Experience with security tools and technologies (e.g., Kubernetes, Snyk, Wiz, GitHub Actions, AWS GuardDuty). * Strong project management skills and the ability to manage multiple projects simultaneously. Nice to Haves: * Professional certifications such as CCSP, CEH, CSSLP, AWS Certified Security - Specialty or equivalent are highly desirable.
