Key Facts

Remote From:

Full time

English

Hard Skills

Cloud-Native Applications Python (Programming Language) Threat Modeling Datadog Computer Security Observability Identity And Access Management Product Security TypeScript Cyber Security Message Queuing Telemetry Transport (MQTT) Software Engineering Threat Assessment Crime Scene Investigation Identity And Access Management Incident Response Automated Information Systems Property Ownership

Other Skills

•
Collaboration
•
Communication
•
Adaptability
•
Dealing With Ambiguity
•
Detail Oriented
•
Problem Solving

Roles & Responsibilities

Experience writing and shipping detection rules using a detection-as-code approach
Strong programming skills in Python and/or TypeScript; comfortable with SQL for querying security data
Experience with AWS and cloud-native infrastructure
Familiarity with observability and monitoring platforms like Datadog

Requirements:

Own the detection lifecycle end-to-end: research threats, write rules as code, deploy via CI/CD, tune for precision, and maintain over time
Build and maintain telemetry pipelines that give visibility into application, infrastructure, and identity activity
Correlate signals across multiple data sources to improve detection accuracy and reduce false positives
Investigate and respond to security events, including containment, remediation, and post-incident analysis

doxy.me - telemedicine for all

About doxy.me - telemedicine for all

Doxy.me is a simple, free, and secure telemedicine solution. Designed with health care in mind, doxy.me is a HIPAA-compliant telecommunications platform that’s easy for patients and providers to use. It enables health care organizations to provide virtual care that's easily accessible to everyone, everywhere, on any device.Doxy.me is one of the only telemedicine platforms that offers a free version that is still HIPAA-compliant. This means that anybody can make an account and try out the platform completely risk-free. The product is localized in 100 languages, and offers 24/7 live interpreting in over 240 languages, making it usable around the world. But what sets doxy.me apart from other platforms?* A free, HIPAA-compliant version * A customizable virtual waiting room * Email and text invites * 24/7 live interpreters * No downloads * No patient accounts * Localized and accepts foreign currency* Permanent specialized waiting room link* HIPAA, PHIPA/PIPEDA, GDPR, HITECH and LDGP compliantDoxy.me believes everyone should have access to health care, and is aiming to remove barriers to traditional health care and telemedicine—like cost, complexity, and security.Doxy.me's approximately 150 employees are primarily located in Charleston, SC; Salt Lake City, UT; Rochester, NY; Western Europe and Ukraine.

Company type: SME

Founded: 2018

Company size: 51 - 200

Website LinkedIn See all jobs →

Job description

Security Engineer, Detection & Response

Technology — Senior — London (Remote)

Who You Are

You're a security engineer with a strong software engineering background who'd rather write detection-as-code than click through a SIEM UI. You care about protecting healthcare providers and the patients who depend on them — and you want to build the systems that make that possible.

You'll own Doxy.me's detection and security operations function: writing detection rules, building telemetry pipelines, and responding to threats across our cloud-native platform. You'll apply engineering principles to security — detection-as-code over point-and-click, automation over manual toil. Most of your time will be spent on detection engineering, but you'll also contribute to threat modeling and product security alongside the wider team.

You're comfortable with ambiguity, self-directed, and motivated by impact. There's no SOC manager — you'll shape this function from scratch.

Your Skills

Experience writing and shipping detection rules using a detection-as-code approach
Strong programming skills in Python and/or TypeScript; comfortable with SQL for querying security data
Experience with AWS and cloud-native infrastructure
Familiarity with observability and monitoring platforms like Datadog
Understanding of attacker techniques and frameworks like MITRE ATT&CK
Experience with CI/CD pipelines and software engineering workflows
Comfort with threat modeling and application security concepts

Nice to have:

Experience with incident response and forensic investigation
Familiarity with identity and access management systems

The Team

The Information Security team at Doxy.me is small and high-impact: a CISO, plus engineers covering corporate security, GRC & compliance, and product & application security. You'll be our first dedicated detection engineer — meaning you'll shape the function, the tooling, and the approach from the ground up. You'll work most closely with our product security engineer on threat modeling and detection strategy, and across the company with product and engineering teams.

Detection Engineering

Own the detection lifecycle end-to-end: research threats, write rules as code, deploy via CI/CD, tune for precision, and maintain over time
Build and maintain telemetry pipelines that give visibility into application, infrastructure, and identity activity
Correlate signals across multiple data sources to improve detection accuracy and reduce false positives

Security Operations & Response

Investigate and respond to security events, including containment, remediation, and post-incident analysis
Build automated response workflows that integrate with our cloud infrastructure and identity systems

Broader Security

Partner with product and engineering teams on threat modelling to identify detection opportunities early in the design process
Contribute to security monitoring standards, response procedures, and operational playbooks

Technical Assessment

As part of the interview process, you'll complete a practical assessment focused on detection engineering and threat analysis — or share a portfolio of relevant past work (detection rules, blog posts, open-source contributions, conference talks).

Who We Are

At Doxy.me, we're on a mission to connect the world to the future of healthcare. With the trust of over one million providers we are one of the largest Telehealth platforms in the world — but we're not done there. We're HIPAA-regulated and trusted with sensitive patient data across 180+ countries — protecting that trust is why our security team exists.

Blending innovative technology and world-class design, we enhance the patient-provider experience and extend the reach of healthcare to every corner of the globe. Our team is motivated by making a difference in the world and pushing the boundaries of what is possible. If you want to change the world by impacting the lives of millions while having fun with a great team, come join us!

Our Culture

Authentic: We are sincere and care personally. We don't let egos get in the way — getting to the right answer is more important than being right. We focus on doing the right thing and act with integrity.

Bright: We use our intelligence, talent, and curiosity to create simple, innovative, world-class solutions to problems. We are constantly seeking to increase our own brightness through learning and collaboration.

Effective: We are hungry self-starters who will get the job done regardless of circumstances. We don't need to be managed or told what to do. We pride ourselves in producing high-quality, world-class results.

Benefits

We are committed to giving you the tools you need to do your best work. We take care of the little things so you can focus on what matters most.

Here is a taste of what you can expect:

A fun, flexible work environment (work from home or on location at one of our regional hubs)
Competitive salary
Paid trainings and certifications
Advancement opportunities in a growing company
Medical, Vision, and Dental insurance
401k match
Unlimited PTO

Our employees give us a 4.9 rating on Glassdoor.

Ready to apply?

APPLY

Share ·