SecOps Engineer

Navina is a fast-growing digital health SaaS company that’s on a mission to enhance the primary care experience by transforming the way physicians interact with patient data. Our proprietary AI models are specifically designed to understand the language of primary care, transforming complex and fragmented patient data into a concise “patient portrait" and actionable clinical insights at the point of care. This allows physicians to get the full picture of their patients and act on their health status instantly and accurately. Built by physicians for physicians, our AI platform reduces physician burnout, while helping healthcare organizations thrive in value-based care. Thousands of clinicians across the United States are using Navina’s AI-powered clinical intelligence solution to improve preventative care, reduce missed diagnoses, and reclaim time with their patients.

Navina has been named one of the Top 100 AI companies globally by CB Insights, and made the list of the Top 50 Digital Health startups. We are already working with industry leading health systems and value-based organizations including Privia Health and Tampa General Hospital.

Navina is looking for a talented and hands-on SecOps Specialist to join its core InfoSec & IT department.

Responsibilities

• The position is designed to be hands-on, focusing on the operational aspects of security and compliance within the organization. It is essential for supporting Navina’s strategic vision, ensuring effective and efficient implementation of security and compliance initiatives.
• As a SecOps Specialist you will be responsible for executing the operational aspects of information security and support security strategies formulated with the CISO.
• This role requires a strong focus on the day-to-day management and monitoring of security practices, the integration of security within the software development lifecycle, ensuring the organization’s policies, procedures, and different systems are aligned with customers’ requirements, regulatory requirements and industry best practices.

Requirements

• 2–4 years of experience in SecOps, DevSecOps, or cloud security roles.
• Strong understanding of secure development practices (SSDLC) and awareness of how to integrate security into build and deployment processes.
• Hands-on experience working with or securing CI/CD environments.
• Familiarity with automating security workflows and using tools such as Snyk, Trivy, Checkov, or OWASP ZAP (or similar).
• Solid understanding of cloud security fundamentals (AWS, GCP, or Azure).
• Working knowledge of network, container, and identity security.
• Exposure to incident response and vulnerability management processes.
• Strong communication skills and the ability to work collaboratively across engineering and operations teams.

Nice to Have

• Experience with IaC security (Terraform, CloudFormation).
• Knowledge of compliance frameworks (SOC2, HIPAA, HITRUST).
• Experience in application security testing and code review.

You don’t need to meet 100% of the requirements to be a great fit. We believe in hiring people, not just checklists, and we value potential as much as experience. If this role excites you, we’d love to see your application!