DevSecOps Engineer

At Nym, we’re passionate about simplifying healthcare by automating the accurate interpretation of clinical language.

Our interdisciplinary team has developed innovative technology that can understand clinical language and provides an entirely new way of analyzing and decoding medical records into clear, concise, and actionable information. This ultimately ensures clinical and administrative teams can spend more time focused on patient care.

At Nym, the future is bright. Our engine currently processes over six million charts annually in more than 300 emergency department and urgent care settings across the US. We are backed by top-tier VCs and growing rapidly, with offices in NYC and Tel Aviv.

Come join us!

Roles and Responsibilities:

Nym is seeking DevSecOps Engineer to join our growing Security team, reporting to our Chief Architect. This position is located in our TLV office and you will be responsible for Securiing our infrastructure end to end.

As a DevSecOps Engineer you will:

Design, implement, and maintain secure infrastructure throughout the software development lifecycle.
Automate security testing and integrate it into CI/CD pipelines.
Monitor security systems and tools for vulnerabilities, threats, and incidents.
Prioritize and remediate security issues and vulnerabilities in collaboration with development teams.
Develop and implement security best practices and policies.
Conduct security reviews and assessments of applications and infrastructure.
Collaborate with R&D and operations teams to ensure security is embedded in all stages of development and deployment.
Build security agenda around LLM/AI usage
Stay up-to-date with the latest security trends, threats, and technologies.

Requirements:

2-4 years of experience as a DevSecOps engineer in a global company, preferably in a startup environment.
Strong experience with AWS cloud security best practices and services (e.g., IAM, Security Groups, VPC, CloudTrail, GuardDuty, WAF).
Proficiency with security monitoring tools and platforms (e.g., SIEM, intrusion detection/prevention systems).
Experience implementing and managing shift-left security tooling and practices (e.g., SAST, DAST, SCA, secrets management in CI/CD).
Solid understanding of common security vulnerabilities and attack vectors.
Familiarity with DevOps principles and tools (e.g., Git, Jenkins/GitLab CI, Docker, Kubernetes).
Ability to prioritize and address security variabilities effectively.
Excellent problem-solving and communication skills.