Staff Detection and Response Engineer

Who We Are

Healthcare needs a better rhythm: one that keeps care continuous and deeply human. Heidi is building an AI Care Partner that works alongside clinicians to make that possible.

We’re a team of doctors, engineers, designers, researchers, and creatives building tools that help clinicians stay focused on what matters most: their patients.

In just 18 months, Heidi has given back more than 18 million hours to healthcare professionals — supporting 73 million patient visits in 116 countries. Today, more than two million patient visits each week are powered by Heidi worldwide.

Backed by nearly $100 million in funding, we’re growing in the US, UK, Canada, and Europe, partnering with leading health systems including the NHS, Beth Israel Lahey Health, and Monash Health.

What You’ll Do as a Staff Detection and Response Engineer

• Build and maintain high-signal detections across cloud, infrastructure, and application layers
• Improve logging and audit coverage: what we collect, how we normalise it, how long we retain it, and how we query it
• Develop response automation: playbooks, orchestration, and repeatable containment and remediation steps
• Improve investigative workflows for incidents: evidence handling, timelines, and actionable learnings
• Partner with platform and application teams to add the right security telemetry and abuse signals
• Run threat hunting cycles that generate concrete improvements to detections and controls
• Contribute to the wider security program by closing the loop between incidents, threat models, detection coverage, and preventative controls

What We’re Looking For

We're looking for senior/staff-level capability, expressed as autonomy, depth, and ability to scale impact.

• Owns detection and response outcomes end-to-end, including prioritisation and roadmap decisions
• Strong domain understanding of attacker behaviour, audit logging, and detection trade-offs (coverage vs noise)
• Comfortable building systems and workflows that scale (detection-as-code, automation, reliable operations)
• Can work independently during incidents, coordinate across teams, and drive follow-up improvements
• Clear communicator who can translate technical findings into priorities and preventative work

Our Approach to Security

We build security into how we work through automation, practical controls, and clear communication. We aim for secure defaults and guardrails that help teams make good choices without unnecessary friction.

Note On Requirements

We care more about skills, approach, and ability to learn than specific certifications or industry background. If you have strong security domain knowledge and the specialised skills for this role, we'd love to hear from you.

The Way We Work

• Build to Last: We design for safety and reliability so clinicians, patients, and our teams can trust what we build every day.
• Own Your Practice: Ideas rise on merit, not title, and everyone shares responsibility for the standards we set together.
• Move Fast, Stay Steady: We move quickly but never at the cost of trust. Progress only matters if people can depend on what we make.
• Make Others Better: Honest feedback, steady support, and shared growth keep our teams improving together.

Why You Will Flourish With Us

• Flexible hybrid working environment, with 3 days in the office.
• A generous personal development budget of $500 per annum
• Learn from some of the best engineers and creatives, joining a diverse team
• Become an owner, with shares (equity) in the company, if Heidi wins, we all win
• The rare chance to create a global impact as you immerse yourself in one of Australia’s leading healthtech startups
• If you have an impact quickly, the opportunity to fast track your startup career!

Key skills/competency

• Detection Engineering
• Incident Response
• Threat Hunting
• Cloud Security
• Security Automation
• Audit Logging
• Attacker Behavior
• Security Telemetry
• Playbook Development
• Security Architecture