Information Security Engineer

For this role, we will only consider candidates who are currently based in the Netherlands.
About SkinVision:
Skin cancer cases are growing at an alarming rate globally. In fact, 1 in 5 people will get skin cancer, but only 3% of the high-risk population is known to the health authorities. At SkinVision, we are on a mission to save the lives of 250,000 people in the next ten years by revolutionizing skin care management. Our technology allows users to take ownership of their skin health, recognizing (early) signs of skin cancer from anywhere, at any time, by combining the recommendations of AI and dermatologists.

Information Security Engineer at SkinVision
As an Information Security Engineer at SkinVision, you will play a central role in safeguarding our platform while working closely with our engineering, product, QA/RA, and operations teams. You will collaborate with the team to ensure secure system design, improve access controls, and maintain secure day-to-day operations across the organization.

You will oversee both the governance and the technical aspects of information security. This includes maintaining security policies, supporting compliance frameworks, conducting audits, and managing risks. At the same time, you will take hands-on responsibility for securing user accounts, protecting internal systems, and strengthening the security of our AWS infrastructure.

In this role, you are part of the team responsible for keeping our platform resilient, trusted, and compliant with international healthcare and data protection standards. You will help embed security into development workflows, improve identity and access management, and ensure that every part of our technology stack remains strong and well-protected.

What You will Do:

• Security Governance & Compliance

• Develop, implement, and maintain security policies, standards, and procedures across the organization.

• Conduct internal security audits and support external audits for certifications (ISO 27001, SOC2, HIPAA, GDPR, MDR).
• Ensure compliance with regulatory frameworks, maintaining risk registers and security documentation.
• Manage incident response processes, business continuity, and disaster recovery plans.
• Support security awareness training and foster a culture of security across the company.

• Handle external security inquiries from B2B partners and provide clear, accurate information about SkinVision security practices.

• Cloud Security & Technical Oversight

• Work closely with the engineering team to design, implement, and maintain strong security controls within SkinVision's AWS cloud infrastructure.

• Perform regular risk assessments, penetration tests, and vulnerability scans to identify and resolve security issues.
• Manage Identity and Access Management, encryption practices, and network security configurations to ensure secure and consistent access across the organization.
• Integrate security into CI/CD pipelines and development workflows, supporting a team-wide DevSecOps mindset.

• Monitor, detect, and respond to threats, ensuring systems remain protected and reliable.

• Leadership & Collaboration

• Work closely with the Security Officer and collaborate with engineering, product, and operations teams to integrate security into system design, development, and daily operations.

• Provide clear and regular updates to leadership regarding security risks, ongoing initiatives, and overall system health.
• Manage relationships with external vendors, auditors, and partners involved in security and compliance activities.
• Serve as a primary point of contact for all internal and external security-related questions, including audits, risk management discussions, and regulatory inquiries.
• Support the team in identifying improvements, guiding decisions, and promoting a shared responsibility for maintaining a secure and trusted platform.

What we are looking for:

• Based in the Netherlands, in close proximity to Amsterdam
• A degree in Cybersecurity, Computer Science, or a related field (or equivalent experience).
• Minimum 3–5 years of experience in information security, including cloud security and security governance.
• Knowledge of AWS security services (IAM, GuardDuty, CloudTrail, Config, WAF, KMS, etc.).
• Experience in designing and managing security policies, processes, and compliance frameworks.
• Familiarity with ISO 27001, SOC2, GDPR, HIPAA, and other regulatory standards.
• Good communication skills to explain complex security concepts to both technical and non-technical stakeholders.

Preferably:

• Previous experience in healthcare, HealthTech, or other regulated industries.
• Proven track record in conducting audits and risk assessments.
• Knowledge of containers and Kubernetes security.
• Background in incident response and forensic analysis.
• Scripting and automation skills (Python, Bash, PowerShell).

What we offer you:

• 3 office days per week with a healthy lunch and 2 days of working from home.
• A competitive salary based on your experience.
• Join our enthusiastic and professional team with colleagues from all over the world.
• A dynamic and rapidly growing scale-up in Amsterdam.
• Unlimited skin checks for you.
• Regular team events such as weekly drinks and frequent dinners.

Ready to use your skills to make a lasting impact in healthcare? Join us and help make advanced skin health accessible to everyone.