Security Engineering & Operations Lead Remote (Portugal)

Company Description

At Lifebit we carve our own path. Trusted by Governments and world-leading pharma institutions and funded with $70m we are on a mission to harness the power of connected data and bring precision medicine to life globally. The key to saving human lives is providing researchers across the globe with the right data to develop more precise drugs faster.

Generating large amounts of biomedical data has become relatively straightforward. The challenge now is finding accessing and analysing this sensitive data stored across thousands of disconnected locations. It is frustrating and painfully difficult for researchers.

Lifebit has created a patented federated technology that brings analysis and computation to where data resides. This enables researchers to run analyses on multiple distributed datasets in-situ avoiding the risky movement of highly-sensitive data.

Our Federated AI Platform is trusted by federal agencies national health systems and global pharma to securely unlock sensitive biomedical and real-world data at scale. We help federal health institutions modernize data utilization and analytics in highly protected environments supporting mission-critical federal programs and transforming how secure health data drives public health and research.

Our technology is unmatched and momentum is on our side - and we need an exceptionally strong team to help boost Lifebit to incredible new heights.

Your Impact

As the Security Engineering & Operations Lead (Principal IC) you will own and run security across Lifebits cloud infrastructure platform and operational processes.

You will be designing and implementing security controls reviewing infrastructure-as-code running incident response and ensuring our security posture meets regulatory expectations because the systems are genuinely secure.

You will be accountable for security engineering security operations and supporting compliance efforts: setting direction making priority calls driving execution end-to-end and ensuring outcomes. You will define and enforce security standards and work closely with engineering and compliance teams to manage risk and maintain trust across our global infrastructure without relying on a more senior security leader for day-to-day guidance.

s and work closely with engineering and compliance teams to manage risk and maintain trust across our global infrastructure without relying on a more senior security leader for day-to-day guidance.

Your Role and Responsibilities

Hands-on Security Engineering

• Design implement and operate cloud security controls across AWS using Infrastructure-as-Code (Terraform Pulumi or equivalent).
• Personally review and contribute to Terraform Kubernetes and CI/CD configurations with a security lens.
• Secure AWS IAM networking (VPCs private connectivity service-to-service auth) and cloud-native services.
• Define and enforce Kubernetes security standards (RBAC isolation secrets management runtime security).
• Perform hands-on threat modelling of platform components data flows and federated execution patterns.

Security Operations & Incident Response

• Own vulnerability management end-to-end: detection prioritization remediation and verification.
• Design and operate security monitoring logging and alerting (SIEM cloud-native tooling).
• Act as incident commander for security incidents coordinating investigation containment remediation and post-incident reviews.
• Build and maintain practical incident response playbooks and on-call processes.
• Continuously harden systems through patching configuration management and proactive risk reduction.
• Establish operating cadence and governance for SecOps (triage prioritisation SLAs change control post-incident reviews) and drive follow-through to closure.
• Own the backlog and roadmap for detection & response: decide what gets built next why and how success will be measured.

Compliance & Risk (Engineering-led)

• Partner with Compliance and Legal to support ISO 27001 SOC 2 GDPR HIPAA and FedRAMP requirements.
• Translate compliance controls into concrete technical implementations rather than policies alone.
• Provide evidence and technical explanations during audits based on real system behavior.
• Maintain risk assessments that are grounded in architecture threat models and operational reality.
• Ensure security operations align with regulatory expectations without introducing unnecessary bureaucracy.
• Translate risk into clear prioritised engineering work: write requirements unblock execution and communicate trade-offs to stakeholders.
• Create and maintain a pragmatic control framework that scales (policies standards exceptions and evidence collection) with clear owners and timelines.

Leadership & Enablement

• Set security standards and guardrails that engineering teams can realistically adopt.
• Mentor engineers on secure design cloud security incident response and vulnerability management.
• Drive a culture of shared ownership for security across engineering.
• Communicate clearly with both technical teams and executive stakeholders during incidents and risk discussions.
• Influence senior engineering and product stakeholders through crisp recommendations data and risk-based narrativesoften without direct authority.
• Be the security single-threaded owner for operational readiness: ensure teams know what good looks like and that its consistently met.

Continuous Improvement

• Automate security monitoring detection and remediation wherever possible.
• Identify systemic risks and eliminate them at the architecture or platform level.
• Stay current on emerging threats in cloud-native data and platform security.
• Design scalable low-toil processes and automation that reduce noise and improve signal (alert quality tuning runbooks metrics).
• Continuously evaluate tooling and vendors; build business cases and implement improvements end-to-end (selection rollout adoption measurement).

Requirements

• BSc in Network Engineering Cybersecurity Computer Science or a related advanced technical field.
• 5 years of hands-on security experience in a product-based company (not purely consulting or audit).
• Deep understanding of cloud environments (AWS Azure or GCP) and network security architectures.
• Demonstrated experience as the primary owner of a security operations function (building and running it) not just a contributor within a larger security org.
• Strong judgment and autonomy: able to make priority decisions under ambiguity and drive outcomes without waiting for direction.
• Hands-on experience with SIEM IDS/IPS firewalls endpoint protection and log aggregation systems.
• Strong background in incident response risk assessment and vulnerability management.
• Familiarity with containerized environments (Docker Kubernetes) and secure DevOps practices.
• Proven ability to design and operate in highly regulated compliance-driven environments.
• Track record of partnering with engineering to deliver measurable security improvements (MTTR coverage control effectiveness audit readiness).

Preferred Qualifications

• MSc in Network Engineering Cybersecurity Computer Science or a related advanced technical field.
  
• Experience managing global security operations in a cloud-first or federated data organization.
• 2 years of experience in a managerial position.
• Certifications such as CISSP CISM or CCSP.
• Experience working with privacy-preserving technologies and encrypted computation.
• Strong cross-functional collaboration skills capable of influencing without direct authority.
• Excellent written and verbal communication skills across technical and executive levels.

What We Offer

Lifebit is synonymous with a dynamic work culture that encourages both personal and professional growth. Our mission-driven organization is dedicated to making a significant impact in science and healthcare.

We provide a comprehensive benefits package including:

• Compensation: Your work is rewarded with a competitive salary and performance-based incentives.
• Professional Development: You are granted an annual personal development budget of 1000 and access to leading industry conferences training and certifications.
• Flexible Working: Receive 21-25 days of annual leave and fully remote work to maintain a healthy work-life balance.
• Diverse Team Culture: Join an international and diverse team passionate about transforming healthcare through data.
• Deep Technology & Science: Get exposure to problems and applications in the cloud data analysis ML life sciences and big data fields.

Join us at Lifebit for a career that promises to be your next significant venture dedicated to advancing the scientific and healthcare fields by delivering transformative platforms for aging defense health and biomedical research. Dont miss the chance to be part of our mission!

Life at Lifebit

Lifebit is dedicated to fostering an environment where employees can flourish valuing individual strengths skills and passions. We prioritize health and well-being offering comprehensive benefits and support. Our remote-first work model encourages virtual collaboration to maximize creativity and innovation with flexibility for remote work as needed. Lifebit is proud to be an equal opportunity employer committed to diversity equity and inclusion.

Join us in reshaping the future of data analysis and technology integration.

Location: Anywhere in Portugal (Remote)

Required Experience:

Senior IC