Hi! We are AMBOSS and we are looking for a Senior Cloud Security Engineer to join our team, and shape the future of medical education with us!
About AMBOSS
AMBOSS is a dynamic learning and clinical decision support tool committed to empowering physicians globally to deliver optimal care. Since our inception in 2012, we've harnessed cutting-edge technology to transform the way physicians acquire and apply scientific knowledge. Each AMBOSSian is passionate about being the champion of clinicians today - this motivates and unites us each day towards success. And what does success look like? When a clinician or med student tells us, “AMBOSS makes practicing medicine easier and enjoyable. I love what I do, and a big part is because of AMBOSS.”
Why can this position be exciting for you?
At AMBOSS, we’re on a mission to empower physicians around the world with the tools they need to provide the best possible care. Our platform helps medical students learn faster and clinicians make confident decisions at the point of care.
As we having priority for security in our cloud-native infrastructure and aim for security certification, we’re looking for a Senior Cloud Security Engineer to help us build a robust Information Security Management System (ISMS), strengthen our cloud security posture, and partner with platform and software teams to embed security into everything we do.
Join us in building a platform that helps medical professionals around the world make better decisions every single day.
You will:
Own and drive security security strategy and architecture for our cloud-hosted systems.
Embed security best practices into the software development lifecycle, from design and code review to deployment and monitoring.
Coordinate security initiatives across multiple teams to ensure consistent implementation of controls.
Lead security risk assessments and ensure remediation plans are tracked and delivered.
Own technical components of our ISMS, including logging, alerting, access control, etc.
Run security reviews and threat modeling for new projects and major changes.
Evaluate and integrate security tooling to support both infrastructure and application security.
You bring:
Proven experience securing cloud infrastructure (preferably AWS) in a production environment.
Familiarity with compliance frameworks like SOC 2, ISO 27001, or NIST.
Experience building or maintaining an ISMS and working with audit or certification processes.
Hands-on experience with container security tooling
Exposure to automated policy enforcement, security as code, or Kubernetes admission controllers, SIEM solutions, etc.
Strong communication skills, you can explain complex topics to technical and non-technical stakeholders alike.
A collaborative mindset, you're excited to partner with engineers in product teams.
You enjoy:
You enjoy collaborating with others and take pride in supporting engineering teams to succeed.
You’re a natural enabler, someone who thrives when building tools, platforms, and workflows that empower others.
You’re analytical and pragmatic, able to break down complex problems and find simple, reliable solutions.
You value clean, repeatable automation over manual fixes and enjoy optimizing systems for reliability and maintainability.
You like sharing expertise, whether through documentation, pairing, or internal talks, and you’re comfortable being the go-to person for infrastructure questions.
You have a growth mindset and enjoy learning new tools, technologies, and ways of working.
You enjoy building platforms as products and care about developer experience as much as technical correctness.
Benefits:
AMBOSSians tell us that innovative work keeps them energized, and employee benefits help them to feel appreciated and empowered. We invest in every AMBOSSians with our employee benefits package, crafted to support financial, physical, and mental health and work-life harmony. Check out all of our employee benefits below:
https://go.amboss.com/the-amboss-prescription-de
We believe that diversity is a powerful driver of innovation and progress. That’s why we are committed to fostering an inclusive, respectful, and supportive environment where everyone—regardless of gender, age, ethnic or cultural background, religion, disability, sexual orientation, gender identity—is valued and given equal opportunity to thrive. We warmly welcome people of all backgrounds to help us fulfil our mission: empowering all medical professionals to provide the best possible care🩺
Even if you don’t meet every single point in the job description, we still encourage you to apply. We’d love to hear from you!
