Cyber Security Engineer

About the role

As a Cyber Security Engineer at Naveira you will protect our Next.js applications, APIs and databases that store HIPAA‑protected patient information. You will embed security throughout the development lifecycle, from threat modelling to incident response, ensuring that our platform remains trustworthy for patients and healthcare fleets.

Key responsibilities

• Conduct threat modelling and security assessments for new features and systems.
• Implement and maintain security controls to achieve HIPAA compliance and protect sensitive data.
• Monitor infrastructure for vulnerabilities, anomalies and potential security incidents.
• Develop and maintain security tooling for authentication, authorization and audit logging.
• Respond to security incidents, perform root‑cause analysis and drive post‑incident improvements.

Required profile

• 4+ years of experience in cybersecurity, application security or DevSecOps.
• Strong knowledge of web application security (OWASP Top 10).
• Experience with HIPAA, SOC 2 or similar compliance frameworks.
• Ability to communicate security risks to both technical and non‑technical audiences.

Required skills

• Threat modelling and security assessment methodologies.
• Web application security (OWASP Top 10).
• HIPAA and SOC 2 compliance implementation.
• SIEM platforms and vulnerability scanning tools.
• Authentication, authorization and audit‑logging mechanisms.
• Next.js, Node.js or React application security.
• Cloud security on AWS, GCP or Azure.
• Penetration testing and red‑team techniques.