Build a Career Where
the Work Is the Work
We hire senior practitioners who want to be on the keyboard — not in the slide deck. If healthcare security is what you've spent your career on, we'd like to meet you.
A Place For Senior Practitioners
Real Engagements, Real Impact
You'll lead engagements end-to-end — scoping, testing, writing, and presenting. No staffing wheel. No invisible work.
Senior-Only Team
Everyone you work with has a decade-plus in healthcare cyber. No babysitting juniors. No ghost-writing for partners.
Remote-First, Boundaried
Fully remote across the US. We don't run weekend fire drills. We don't bill 70-hour weeks. The work is the work.
Healthcare-Only Focus
You'll specialize. You'll get deeper. You'll stop relearning the same vertical context every quarter.
Conference & Cert Budget
Annual budget for DEF CON, BSides, HCISPP, OSCP, and any other certification or conference you can defend.
Profit Sharing
Senior staff participate in a transparent profit-share. Good year for the firm = good year for you.
Currently Hiring
All roles are full-time, remote in the US, with senior-level compensation.
Senior HIPAA & SOC 2 Consultant
Lead end-to-end HIPAA Security Rule and SOC 2 Type II readiness engagements for digital health and hospital clients. Authoring policies, walking auditors through evidence, and shaping the program.
Senior Penetration Tester — Web & API
Test patient portals, FHIR APIs, telehealth platforms, and digital health SaaS. Write the kind of report a CTO actually reads.
Senior Network & Internal Pentester
Run internal network engagements against hospital and payer environments. Active Directory, segmentation review, and adversary-simulation exercises.
Fractional CISO — Healthcare
Embed with 3–4 healthcare clients as their on-demand CISO. Run the program, sit in on board calls, and own the relationship.
Cloud Security Architect — AWS / Azure
Review and harden cloud environments for digital health clients. Translate HIPAA Security Rule into actual AWS / Azure controls.