Security Engineer

Overview

We are on a mission to ensure everyone has access to medical expertise, no matter where they are.

Half the world still lacks access to quality healthcare. Even in advanced systems, outcomes are uneven, and clinicians are overwhelmed. Medical knowledge grows faster than human capacity can keep up.

Corti is building the infrastructure to close that gap. Our AI platform expands access to medical expertise, reducing errors, restoring time to clinicians, and making care more affordable, accessible, and human again.

There is no quality healthcare without a quality dialogue, and no reliable AI without a strong foundation. Help us build both.

Why Corti?
Corti is building the intelligence layer for global healthcare. We give every developer, product team, and healthcare innovator access to medical-grade AI, so the world can deliver care that is faster, safer, and more human.

Built entirely for healthcare and adjacent industries, Corti's models are trained on real-world data and optimized for precision, safety, and regulatory trust.

Through modular APIs, teams can embed medical speech recognition, summarization, reasoning, and much more directly into healthcare products without reinventing the foundation.

We power the builders who are redefining how healthcare works, from startups creating new patient experiences to enterprises modernizing the systems that care depends on.

If you believe that AI purpose-built for medicine will define the next century of healthcare, you belong at Corti.

The Role

As a Security Engineer at Corti, you are a security governance-focused engineer. Your primary responsibility is to make sure that security standards, controls, and framework requirements are clearly defined, technically grounded, and consistently implemented across our platform and operations.

You spend most of your time on security standards, configurations, documentation, and evidence, while using your engineering background to automate repetitive work and keep controls close to the real systems. You work in close partnership with Platform Engineering, and IT to keep Corti audit ready and to ensure that our technical environment reflects our security policies.

• Own and maintain Corti's security governance model across ISO 27001, SOC 2 and other relevant frameworks, including a clear control inventory and ownership map.

• Translate frameworks and customer requirements into concise policies, playbooks, checklists and acceptance criteria that fit naturally into techdocs, release processes and change management.

• Plan, manage and follow up on internal and external security audits and assessments, address any areas of non compliance and communicate status and findings to leadership, auditors and teams.

• Drive the use of compliance automation tools (e.g. Drata) and internal scripts, and monitor indicators such as device compliance, policy acceptance, training completion and access reviews, coordinating remediation with the responsible teams.

• Maintain a live security risk register, including risk acceptance, mitigation plans and regular reviews with Product, Platform and Governance team members.

• Partner with Platform and other engineers to ensure that policies and control objectives are reflected in CI or CD pipelines, Infrastructure as Code and cloud configuration baselines, and review security impactful changes at a governance level so they remain aligned and auditable.

• Plus - can use engineering experience to design small automations or configuration improvements that strengthen controls and make evidence collection and reporting easier for teams.

• Act as a trusted advisor on secure ways of working and provide answers to customers and stakeholders on Corti's security.

You'll thrive in this role if you:

• Have experience in DevOps, platform engineering, security engineering, or a similar field, and want to move closer to security governance, audits, and frameworks without losing touch with real systems.

• Are comfortable reading and writing scripts or small tools, for example in Python, Go, or TypeScript, mainly to automate checks, evidence collection, and configuration management.

• Understand the fundamentals of cloud security, identity, and networks, and can connect high level requirements to specific technical settings and patterns.

• Have worked with or around security frameworks such as ISO 27001, SOC 2, or GDPR, and are interested in making them concrete through control mapping, documentation, and automation.

• Communicate clearly with both engineers and governance stakeholders, and can explain technical topics in simple terms that support decisions and audits.

• Enjoy structured work such as defining standards, maintaining inventories, and keeping documentation in sync with reality, while also improving that work through automation.

• Take a pragmatic approach to security, aiming for guardrails and standards that are realistic for teams to follow and that meaningfully improve our security posture.

Nice To Have

• Know how to implement and enforce secure release workflows.

• Have hands-on experience with Kubernetes and cloud security practices (especially Azure).

• Experience with Drata or similar compliance automation tools.

• Familiarity with MDM and endpoint hardening across Linux, MacOS, and Windows.

• Understanding of audit tooling and compliance KPIs (MTTR, version skew, access policies).

Practicalities:

• You will be reporting to VP of Governance and Market Access

• The position is full-time and starts as soon as possible.

• Hybrid working environment in our Copenhagen office

• Equipment provided by Corti

Ready to dive into the world of Corti? Hit that 'Apply' button, and let's start working together on reshaping the dialogue in healthcare, making a real difference for millions of patient outcomes around the world.

Bringing in top talent from all backgrounds is crucial in our pursuit to improve the world of healthcare. We encourage applications from all people and do not discriminate based on race, religion, national origin, gender, sexual orientation, age, and/or disability status.

At Corti, experience comes in many forms, and we're passionate about creating teams with a multitude of perspectives If you believe your experience is close to what we're looking for but not an exact match, we still hope you'll consider applying