Senior Security Engineer
You are a security engineer who likes being close to the technology, partnering with the organization and solving real security problems in a complex environment, not writing policies from the sidelines. At Elucid, you’ll help shape how information security is embedded into the development and delivery of our AI-powered cardiovascular imaging software used in a highly regulated Software as a Medical Device (SaMD) environment. You'll work across application security, cloud infrastructure and compliance, contributing to secure SDLC practices, threat modeling, code and design reviews, CI/CD security testing, AWS hardening and audit readiness. You will translate complex security and regulatory requirements into practical controls that support both patient safety and engineering velocity. If you bring technical credibility and the range to work across both security engineering and compliance, come help us build a product here at Elucid that physicians and patients can count on.
The ideal candidate will have:
- 5+ years of experience in security engineering, application security or a closely related software engineering role with a strong secure coding background, including fluency in common vulnerability classes (OWASP Top 10 and beyond), authentication and cryptography fundamentals.
- Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent experience.
- Hands-on AWS security experience across IAM, VPC, GuardDuty, Security Hub, CloudTrail and KMS, with comfort building and maintaining infrastructure-as-code (Terraform or CDK).
- Proven information security compliance experience (writing controls, building evidence pipelines and supporting audits); familiarity with ISO 27001, ISO 13485, HIPAA, SOC 2 or HITRUST is helpful.
- Experience securing cloud and SaaS vendor environments, including vendor risk assessments and secure configuration, alongside scripting fluency in Python or a similar language for automation.
- Strong communication and a track record of effective collaboration across engineering and cross-functional teams in fast-moving startup environments.
- A plus to have: medical device or other regulated industry experience; SAST/DAST/SCA tooling; certifications such as CISSP, OSCP, or AWS Security Specialty.
This role is based out of our office in Boston, MA. We operate in a hybrid model with regular in-office collaboration.
The anticipated base salary range for this position at Elucid is $130,000-$170,000. Compensation will be influenced by a wide array of factors including but not limited to internal pay equity, job-related knowledge, skills, education, relevant experience, certifications, and geography as outlined in the job description.
----------------------------------------------------
At Elucid, we believe the best work happens in a flexible hybrid environment. Boston-area employees are encouraged to work from the office on Mondays and Wednesdays, with the option to come in additional days if they prefer. Fully remote employees outside the Boston area come in as needed.
We are an equal opportunity employer and value diversity at Elucid. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability.
We understand that self-doubt can sometimes prevent great candidates from applying. If you believe you can make an impact at Elucid, even if you don’t meet every qualification, we encourage you to apply!