About the company

Biorce is a pioneering Healthtech company dedicated to revolutionizing drug development through the power of AI. We are passionate about accelerating medical advancements and improving patient outcomes.

Our team comprises seasoned clinical research professionals, data scientists, and AI experts, working collaboratively to bridge the gap between cutting-edge technology and real-world clinical needs.

With an unwavering commitment to revolutionize healthcare, we envision a world where all patients benefit from accelerated and cost-effective access to treatments. Biorce is poised to redefine the landscape of healthcare, shaping a future where innovation and accessibility converge for the betterment of humanity.

About the role

We are seeking an experienced Security Engineer / Security Architect to design, implement, and govern the security and compliance foundation of Biorce’s AI-driven clinical platform.

This role sits at the intersection of cloud security, platform architecture, and regulatory compliance. You will be a key owner of our security posture, responsible for embedding security-by-design principles across infrastructure, applications, data pipelines, and AI systems. You will work closely with Platform, AI, Data, and Engineering teams to ensure that security, privacy, and regulatory requirements are met without slowing innovation.

This is a hands-on, high-impact role suited for someone who enjoys building security programs from the ground up in regulated, high-growth environments.

Key Responsibilities

Security Architecture & Engineering

• Design and evolve Biorce’s end-to-end security architecture across cloud infrastructure, Kubernetes, CI/CD, and application layers.
• Define and implement secure reference architectures for cloud-native and AI-driven systems.
• Lead threat modeling and risk assessments for platform components, data flows, and AI pipelines.
• Establish identity and access management strategies, including least privilege, role-based access control, and zero-trust principles.
• Implement and maintain secrets management, key management, and encryption standards for data at rest and in transit.
• Partner with Platform and DevOps teams to embed security controls into Terraform, Kubernetes, and GitOps workflows.

Compliance & Governance

• Own and drive compliance initiatives for SOC 2 and ISO 27001, including gap analysis, control design, implementation, and evidence collection.
• Support alignment with healthcare and data protection regulations such as GDPR, HIPAA, and GxP where applicable.
• Lead preparation for external audits and act as a primary technical point of contact for auditors and assessors.
• Design and maintain security policies, standards, and procedures aligned with industry best practices.
• Implement automated compliance monitoring and auditability across cloud and platform environments.

AI & Emerging Regulation Security

• Collaborate with AI and Data teams to design secure, compliant AI and ML pipelines.
• Support governance and risk management aligned with emerging AI regulations and frameworks such as the EU AI Act, NIST AI Risk Management Framework, and similar standards.
• Define controls for data provenance, model access, model integrity, and monitoring of AI systems.
• Contribute to responsible AI practices, including transparency, accountability, and risk mitigation.

Detection, Monitoring & Incident Response

• Design and improve security monitoring, logging, and alerting across infrastructure and applications.
• Support incident response processes, including playbooks, investigations, and post-incident reviews.
• Continuously assess and improve security posture through vulnerability management and security testing.

Enablement & Culture

• Act as a security advisor to engineering teams, enabling secure-by-default development practices.
• Provide guidance, documentation, and training to raise security awareness across the organization.
• Balance security rigor with developer experience and platform velocity.

Required Qualifications

• 2+ years of experience in Security Engineering, Security Architecture, or related roles.
• Strong experience designing security architectures for cloud-native systems.
• Hands-on experience with cloud security in GCP (preferred), including IAM, networking, and managed services.
• Proven experience leading SOC 2 and ISO 27001 compliance initiatives in production environments.
• Solid understanding of Kubernetes security, container security, and CI/CD security.
• Experience with secrets management, encryption, and key management solutions.
• Familiarity with infrastructure-as-code and GitOps-based environments.
• Strong understanding of risk management, threat modeling, and security controls.
• Ability to translate regulatory requirements into practical technical implementations.
• Bachelor’s or Master’s degree in Computer Science, Security, Engineering, or equivalent experience.

Preferred Qualifications

• Experience working in regulated industries such as healthcare, life sciences, or fintech.
• Exposure to AI/ML security, data governance, or model risk management.
• Familiarity with frameworks such as NIST, CIS Controls, and NIST AI RMF.
• Experience with security automation and compliance-as-code approaches.
• Knowledge of privacy engineering and GDPR implementation.
• Experience supporting multi-cloud or hybrid environments.
• Contributions to internal security tooling, automation, or open-source projects.

Why Join Us?

• Shape the security and compliance foundation of a greenfield AI healthcare platform.
• Work at the forefront of AI, healthcare, and emerging global regulations.
• Collaborate with world-class engineers, data scientists, and clinical experts.
• Operate in an environment where security is a strategic enabler, not an afterthought.
• Comprehensive private health coverage supporting physical and mental well-being.
• Company-sponsored gym membership and wellness benefits.
• Hybrid work model offering flexibility and balance.
• Office perks including coffee, tea, beverages, and snacks.
• Team events and company retreats to celebrate progress and milestones.

By submitting this application, I agree that my personal data will be collected, processed, and retained by the company solely for the purposes of managing and assessing my candidacy.