Hybrid Full-time

Heidi Health is hiring a Design Quality & Compliance Engineer (SaMD / Information Security)

About the Role

Heidi Health is looking for a Design Quality & Compliance Engineer (SaMD / Information Security) to be the key link ensuring our agile software development practices remain fully aligned with global medical device and information security standards. You’ll sit at the heart of our mission to make world-class care faster and safer through intelligent, compliant technology.

What You'll Do

  • Lead the implementation and continuous improvement of design control processes across the software lifecycle in alignment with international standards.
  • Partner with engineers and product managers to ensure requirements, risk controls, verification, and validation activities are clearly defined, documented, and traceable.
  • Support the creation and maintenance of technical documentation, including requirements specifications, risk management files, verification reports, and change records.
  • Support external Notified Body audits, with a focus on Design and Development aspects.
  • Champion compliance in software development by translating complex and opaque standards into clear, actionable processes that engineering teams can follow.
  • Support and coordinate external security and compliance audits.
  • Attend calls and liaise directly with external auditors and stakeholders to ensure a smooth, efficient process and successful completion of all audit activities.
  • Take the lead on completing detailed security questionnaires, focusing on all technical aspects of the responses.
  • Collaborate across engineering, product, and legal teams to gather required evidence for audits and questionnaires, and participate in calls to provide technical clarifications when needed.
  • Aid in the creation and maintenance of technical documentation, policies, and control mappings related to security and compliance.

What We're Looking For

  • Prior experience working on Software as a Medical Device (SaMD) or other regulated healthtech products.
  • Strong working knowledge of standards such as IEC 62304, ISO 13485, ISO 14971, and ISO 27001.
  • Ability to apply standards in practical, developer-friendly ways.
  • A solid understanding of technical security domains, including cloud security, access control, network security, and secure software development lifecycles.
  • A commitment to quality and the ability to drive tasks to completion in a fast-paced, high-growth environment.
  • Excellent communication skills, enabling you to work effectively with internal teams (engineers, product) and manage external partners (auditors, customers).

Nice to Have

  • Experience in a start-up or scale-up environment.
  • A Bachelor’s degree or higher in a relevant scientific, engineering, regulatory, legal, or governance discipline.

Team & Environment

You will report into the Legal & Regulatory Affairs team, but work day-to-day within Engineering. We operate in a flat hierarchy that prioritizes the truth over rank, and we provide the resources for people to succeed and give them the freedom to do it.

Benefits & Compensation

  • Flexible work with a hybrid environment.
  • Additional paid day off for your birthday and wellness days.
  • Discounted corporate gym memberships.
  • A generous personal development budget of $500 per annum.
  • Become an owner, with shares (equity) in the company.

Work Mode

This role offers a hybrid work model.

Heidi Health is an equal opportunity employer.

Required Skills
SaMD, Information Security, Cybersecurity, Risk Management, Regulatory Compliance, ISO 13485, ISO 27001, Quality Management Systems, Auditing, Incident Response, Security Frameworks

About company
Heidi Health

Heidi is building an AI Care Partner that works alongside clinicians to make continuous and deeply human care possible. The company supports over two million patient visits each week worldwide and is backed by nearly $100 million in funding, growing in the US, UK, Canada, and Europe.

Job Details
Category security
Posted 4 months ago