About Optain

Optain is a revolutionary healthcare company that uses groundbreaking software and hardware technology to rethink care. We use the eye as a window to the body to improve the way we detect ophthalmic and systemic conditions. Optain is committed to expanding and improving care through the introduction of AI and machine learning technology into primary care and new care settings at an accessible price. At a systemic level, this not only ensures greater access to care but also promises to reduce the strains of an overburdened healthcare system.

Originally founded in Australia in 2019, Optain seeks to commercialise the inventions of Professor Mingguang He, a preeminent clinician-scientist and scholar in the field of ophthalmology. Optain has achieved regulatory clearance and commercial adoption of its product suite in global markets, including Australia and Europe.

Now, backed by a global team of healthcare AI experts, Optain is rapidly accelerating its growth trajectory. We are expanding use of our products globally while advancing our R&D efforts to bring new indications to patients and providers.

At Optain, we see a big opportunity to improve healthcare. We see through the eyes to the state of the whole body. We see precise screening, better treatment, more accessible care and a healthcare system that works for all. We see levels of care beyond what was previously thought as possible.

Website: https://www.optainhealth.com/

About the role

As a Cybersecurity Engineer at Optain, you will take ownership of securing our core systems—including email, cloud infrastructure, websites, and employee endpoints. You will play a critical role in implementing and maintaining cybersecurity controls across our technology stack, ensuring the protection of sensitive healthcare data and operational integrity. You'll work closely with engineering, IT, and compliance teams to implement security best practices, detect and respond to threats, and support a security-first culture throughout the company.

What you'll be doing

Design, implement, and monitor security controls across cloud infrastructure (e.g., AWS), corporate email systems, web applications, and employee devices.

Develop and maintain endpoint security strategies, including anti-malware, patch management, and device encryption across all employee laptops and workstations.

Lead threat detection and incident response activities across systems, applications, and devices.

Conduct regular risk assessments and penetration testing; track remediation of findings.

Manage IAM, enforce MFA, and monitor access to critical systems.

Develop and improve policies for secure system usage, including BYOD and remote work.

Educate staff on cybersecurity best practices through training and awareness programs.

Support efforts to meet relevant compliance frameworks (e.g., ISO 27001, HIPAA, GDPR).

Collaborate with developers and DevOps to embed security in software delivery pipelines (DevSecOps).

Maintain tools and processes for vulnerability management, log monitoring, and SIEM.

Required skills & experience

3–5 years of cybersecurity experience covering cloud environments, web security, email systems, and endpoint protection.

Proficient with cloud security (especially AWS), including services like IAM, KMS, WAF, Security Hub, GuardDuty, etc.

Hands-on experience with securing macOS and Windows endpoints, including hardening, anti-virus, and MDM solutions.

Deep understanding of email security practices, including SPF/DKIM/DMARC, phishing protection, and secure configuration of services like Google Workspace or Microsoft 365.

Familiarity with web application security (OWASP Top 10) and secure API development.

Experience with security monitoring tools (e.g., SIEM, EDR, vulnerability scanners).

Solid knowledge of networking, encryption, identity management, and firewall technologies.

Strong documentation and communication skills, especially around security policy and incident reporting.

Bonus points:

Experience with regulated industries (e.g., healthcare, fintech) or security certifications such as CISSP, CISM, or SANS GIAC.

Familiarity with container and Kubernetes security.

Exposure to Software as a Medical Device (SaMD) or security for ML/AI systems.

What you'll gain

Competitive compensation package ($90–110k base + super)

A unique opportunity to lead and shape cybersecurity in a mission-driven healthtech company

Work on impactful systems that blend healthcare, AI, and modern infrastructure

An inclusive, flexible, and supportive workplace that values security as a foundation

Hybrid work environment with autonomy, trust, and meaningful challenges

If you're a cybersecurity professional who’s passionate about protecting systems that make a real difference in healthcare, we’d love to hear from you. Please upload your CV and a short cover letter explaining why you're a great fit for this role.