Building the security foundation for dental's digital infrastructure EviSmart is the operating system for 2,000+ dental labs across 28 countries. We’re the infrastructure layer connecting labs, dentists, and design centers globally—processing thousands of dental CAD designs daily. We handle Protected Health Information for thousands of patients. Security isn’t a feature for us. It’s existential. The Role You’ll be our first dedicated security leader—a player‑coach who builds the program while staying deeply hands‑on. What you’ll own Application Security Secure dozens of API integrations (scanner portals, LMS systems, AI pipelines) Embed security into development workflows across distributed teams Drive vulnerability management from detection to remediation Infrastructure Security Manage identity and access for 300 employees across 4 countries Ensure encryption at rest and in transit Compliance & Governance Own HIPAA compliance (BAAs, breach procedures, audit trails) Own GDPR compliance (international transfers, SCCs, data rights) Lead SOC 2 certification—enterprise customers are asking for it Security Operations Build detection and monitoring from the ground up Lead incident response when things go sideways Create security awareness culture across Canada, Philippines, South Korea, and China You're a fit if you have Must have 5+ years in security engineering or architecture Deep hands‑on cloud security experience (AWS/Azure/GCP) Track record securing APIs and microservices Real‑world experience with HIPAA, GDPR, or similar frameworks Ability to translate security to non‑technical stakeholders Healthcare industry experience (you know what a BAA is) Led a SOC 2 certification end‑to‑end AI/ML security background Security certifications (CISSP, CISM, etc.) Why this matters This isn’t a checkbox security role at a company that treats you as overhead. #J-18808-Ljbffr
