Senior Platform Security Engineer; d​/f​/m

Why us?

We believe that AI has the potential to revolutionize how cancer and other complex diseases are diagnosed and treated. We also believe that AI is a tool, not an identity – without access to high quality data and a scientifically rigorous, transparent approach to model development, AI is just a buzzword. That’s where we come in.

Aignostics is a spin-off from one of Europe’s largest and most prestigious university hospitals (Charité), with employees in Berlin and New York. We have received over $50M in funding from leading investors and are a growing team of over 100 interdisciplinary professionals. We work with academic partners as well as leading global life sciences companies.

As a Senior Platform Security Engineer at Aignostics, you will be a key member of our Platform Engineering & IT department, reporting to the Head of Platform Engineering & IT. Working hand in hand with our team and external collaborators in academia and industry, you will safeguard the infrastructure that powers digital pathology innovation. You'll own platform security implementation end-to-end --- from edge deployments at partner sites and workforce endpoint devices through to GKE clusters, Cloud Run, storage services, network architecture, central IAM, and AI training pipelines.

You collaborate with our CISO on conceptualizing, and owning platform security implementation initiatives that protect sensitive healthcare data, implementing solutions compliant with industry standards, and enable our developers to build secure-by-default solutions.

This is a unique opportunity to join a fun, diverse, and growing team of 100+ data scientists, software developers, biologists, and pathologists to shape the next generation of cancer treatments. You will be part of a driven community that works in an agile, supportive and interdisciplinary research environment where your results make a difference to patients. In our established startup, you have the opportunity to grow personally and technically, take responsibility and benefit from a dynamic work environment.

At Aignostics, we believe that fighting cancer is a job for people of all identities, backgrounds, and cultures. We value and celebrate diversity and inclusion and are committed to offering equal employment and promotion opportunities for all applicants and employees. Applicants will be considered regardless of their age, disability, ethnicity, race, gender identity or expression, sexual orientation, religion, and other characteristics.

We thrive through collaboration and believe the more inclusive we are, the better our work will be.

• Secure our cloud foundation in GCP and AWS
  :
  Design and implement technical security controls for our GCP and AWS infrastructure, including Kubernetes, storage services, VPCs, Cloud Run, and cloud-native workloads to protect sensitive healthcare data and AI models in alignment with our existing ISO 27001 controls.

• Secure our working environment: Support the integration of platform components and services into our Central Identity Provider (IDP) and the improvement of self‑service access, and privileged access management across cloud services.

• Manage vulnerabilities at scale: Strengthen our CVE management processes and automate vulnerability scanning for containers and infrastructure.

• Automate security at scale: Develop security‑as‑code solutions using Terraform, create CI/CD security gates using policy‑as‑code, and build automated remediation workflows to embed security into our development lifecycle.

• Enable secure development: Partner with engineering and data science teams to provide technical platform security consultation, create self‑service security patterns, and educate developers on security best practices in alignment with Security Awareness Program.

• Proven experience: 5+ years in cloud security or platform security engineering, with a track record of securing complex, cloud‑native infrastructure in production environments.

• Cloud security expertise: Deep experience securing GCP and/or AWS environments, with strong knowledge of IAM, PAM, network security, and container platforms.

• Iden…