Changing The Medical Security Industry

Building the future of medical security through passion and a desire to keep people healthy. We bring together the best security experts and challenge ourselves daily to make sure our customers are protected at all times.
Careers at Scope Security

What Our Employees Have to Say

Cybersecurity Engineer 8

Mohan

Software Developer

“Scope is a place of inclusiveness and the culture of listening and being open to feedback has been the best part of my experience. Not only about your ideas, but the team and leaders genuinely care for your personal wellness. The level of transparency and the comfort of not being afraid to reach out to people for coffee chats at any level of the organization is unparalleled to anything. Scope is the place for anyone who’s willing to experiment and learn.”

Cybersecurity Engineer 7

Mahtab

AI Developer

“The people that I am working with are so nice and helpful. Also, I am part of the team to build our product from scratch, which helps me to learn a wide range of innovative technologies, including how to write detection rules and using our Kubeflow ML stack.”
Cybersecurity Engineer 4

Ben

Software Developer

“People at Scope are kind, understanding and hardworking. Scope loves working together, especially on hard to solve issues which may come up. The goal of the company is something to be proud of as well of course. In a way, we are saving people’s lives and preventing harm to hospitals/customers by protecting them with our product/service.”

Job Openings

Junior Frontend Software Engineer

Share This Job

Learning is the currency of innovation and one of Scope Security’s core values. We’re looking to expand our team by including people who thrive on learning new skills and technologies. This is an entry level role for someone who has some proficiency in user interface programming and design principles, but may not have professional experience as a software engineer.

The day-to-day responsibilities of this role will include hands-on programming, working with a team to evolve the user experience of our solution to improve the security of healthcare organizations.

Scope Security is primarily a remote work environment at this time, but the engineering team is based in Toronto, ON, with team members coast to coast.

Responsibilities:

  • Work to improve skills and knowledge about software development, software engineering, information security, and technology
  • Actively participate in a culture of experimentation and continuous improvement across our entire engineering team
  • Demonstrate self motivation and inquisitive drive to achieve

Qualifications and skills:

  • Knowledge of Javascript and a modern frontend framework, preferably React
  • Some knowledge of software development principles
  • User-interface design skills and knowledge is an asset, but not required
  • Excellent learning, teamwork, and "followership" skills. True success comes from a culture that strives to make everyone the best versions of themselves. It is difficult to lead, but even more difficult and crucial to step back and learn from your colleagues as a follower. Each of us is both a teacher and a student.
  • Excellent written and verbal communication skills, comfortable with remote work, and the challenges and opportunities that come with distributed teams
  • Legally eligible to work in Canada

Apply now:

    Intermediate Software Engineer

    Share This Job

    Learning is the currency of innovation and one of Scope Security's core values. We're looking to expand our team by including people who thrive on learning new skills and technologies. This is an intermediate level role for someone who has proficiency in programming and software design principles, and at least two years of professional experience as a software engineer.

    The day-to-day responsibilities of this role will include hands-on programming, working with a team to develop components of our solution to improve the security of healthcare organizations.

    Scope Security is primarily a remote work environment at this time, but the engineering team is based in Toronto, ON, with members coast to coast.

    Responsibilities:

    • Work to improve skills and knowledge about software development, software engineering, information security, and technology
    • Actively participate in a culture of experimentation and continuous improvement across our entire engineering team
    • Demonstrate self motivation and inquisitive drive to achieve

    Qualifications and skills:

    • Minimum of 2 years professional experience working with Python or Java
    • Solid knowledge of software engineering principles and practices (e.g. Test Driven Development, Code Review, Continuous Delivery)
    • Proficiency with modern software design
    • Experience with Cloud Deployment and development in a Cloud environment (e.g. GCP, AWS, Azure, etc)
    • Experience as a team member with Scrum, Kanban, or other Agile methodologies
    • Excellent learning, teamwork, and "followership" skills. True success comes from a culture that strives to make everyone the best versions of themselves. It is difficult to lead, but even more difficult and crucial to step back and learn from your colleagues as a follower. Each of us is both a teacher and a student.
    • Excellent written and verbal communication skills, comfortable with remote work and the challenges and opportunities that come with distributed teams
    • Legally eligible to work in Canada

    Apply now:

      Senior Software Engineer

      Share This Job

      Scope Security is committed to improving information security for healthcare. We are seeking a senior engineer who can share that goal. The ideal candidate is an experienced, hands on, cloud developer who measures success by the impact of their team as a whole.

      We are looking for people motivated by solving problems related to data engineering, data analysis, and/or information security in the cloud, regardless of the specific tools or technology used. To thrive in this environment you must be comfortable operating with a high degree of ambiguity and a willingness to figure it out as we go along.

      Scope Security is primarily a remote work environment at this time, but the engineering team is based in Toronto, ON, with members coast to coast.

      Responsibilities:

      • Regularly deliver high quality features that improve the functionality of our product offering, and by extension, the security of our customers
      • Continuous learning and personal growth in software development, software engineering, information security, and technology
      • Actively participate in a culture of experimentation and continuous improvement across our entire engineering team
      • Mentoring junior engineers on technology, software engineering practices, and agile methodologies
      • Demonstrate self motivation and inquisitive drive to achieve

      Qualifications and skills:

      • Minimum of 5 years professional experience working with Python or Java
      • Demonstrated proficiency in Cloud Deployment and development in a Cloud environment (e.g. GCP, AWS, Azure, etc)
      • Mastery of software engineering principles and practices (e.g. Test Driven Development, Code Review, Continuous Delivery)
      • Proficiency with modern software design
      • Experience as a team member with Scrum, Kanban, or other Agile methodologies
      • Excellent learning, teamwork, and "followership" skills. True success comes from a culture that strives to make everyone the best versions of themselves. It is difficult to lead, but even more difficult and crucial to step back and learn from your colleagues as a follower. Each of us is both a teacher and a student.
      • Excellent written and verbal communication skills, comfortable with remote work and the challenges and opportunities that come with distributed teams
      • Proficient in distributed revision control systems (e.g. Git) and understands the value of code review, frequent commits, and stakeholder input
      • Familiarity with building products in an organization with a strong Secure Development Lifecycle and compliance requirements (HITRUST, SOC2, FedRAMP, HIPAA, HITECH, etc.)
      • Legally eligible to work in Canada

      Apply now:

        Detection Engineer

        Share This Job

        As a core part of Scope's Engineering team, you will be responsible for mining our dataset and detecting attack patterns, and training our stack to detect those patterns in the future. You will spend your days looking for the largest possible threats to our customers and their patients, and determining first how they'd likely appear in the data that we are collecting and then ensuring that we detect and alert on those patterns.

        This position is an opportunity to teach our system to identify attackers across the healthcare landscape. We are building a product that will help Healthcare Delivery Organizations (HDOs) protect the safety, privacy and security of their patients and this role will be on the front lines of that protection. These are challenging problems, and you must not only be open-minded to tackling new exploratory areas, new threat actors and new threat types, but also be continually improving and evolving and continually improving our detection to meet the ever increasing number and variety of threats facing all healthcare delivery organizations.

        If you are the kind of person who loves solving hard and interesting security challenges and wants to do so in a way that makes the world (and especially our HDOs) a better and safer place, you'll probably fit in well here—especially if you're someone who loves to detect bad actors in diverse and challenging datasets and if you're someone who celebrates the success of the others on your team as much as you celebrate your own.

        Responsibilities:

        • Identify and stop threats to security, safety, and privacy across our healthcare customers. Take lead on threat hunting, IOC (indicators of compromise) analysis, TTP (Tactics, Techniques, and Processes) analysis, and incident response.
        • Push the boundaries of security technology to create and tune defenses to be specific to the types of threats, vulnerabilities, and attacks that large scale healthcare infrastructure and networks experience
        • Work to develop and customize the alerts that we send and the way that our product interacts with customers—this includes creating dashboards, customizing alerts and rules, tuning alerting and detection parameters, etc.
        • Work closely with our clients' internal security, IT, and biomedical teams to address the most severe security alerts and incidents, including full-cycle of detection, analysis, containment, eradication, recovery, and post-mortem improvement
        • Hunt down and neutralize malware, ransomware, and other key attack types before they affect our users
        • Create detection logic to protect users from current and future threats
        • Develop tools to mine our data set to identify new attacks, actors, IOCs, and threat patterns

        Qualifications and skills:

        • Excellent teamwork, leadership, and coaching skills. Security is a discipline where you have to keep up with the constant stream of new developments and breakthroughs in the industry. This means everyone will have an opportunity to be in a teaching role at some point.
        • Excellent learning and "followership" skills. True success comes from a culture that strives to make everyone the best versions of themselves. It is difficult to lead, but even more difficult and crucial to step back and learn from your team as a follower. Each of us is both a teacher and a student, and you have to be as comfortable learning as you are teaching.
        • Insatiable curiosity and a strong drive to understand how attackers work and how their attacks are tailored to modern healthcare environments
        • An understanding of how attackers compromise systems and how different actors' tools, techniques, and procedures (TTPs) work
        • A fundamental understanding of TCP/IP and core application layer protocols
        • Fluency with Windows & Linux operating systems and command line tools
        • Experience with tools used for forensic acquisition and analysis and some experience with the incident response process
        • Familiarity with the attack lifecycle / kill chain and/or the MITRE ATT&CK framework and an understanding of how that lifecycle could applied in the compromise of healthcare environments
        • Experience operating in a cloud environment (AWS or GCP)
        • Experience with infrastructure as code (e.g. Terraform, Cloudformation, Chef, or Puppet) is helpful
        • Other potentially useful experience includes Osquery, Splunk, and experience with ELK – (ElasticSearch, Logstash, Kibana) and intrusion detection tools (e.g. Splunk, Suricata, Bro) and offensive security tools (eg Metasploit)

        Apply now:

          Threat Detection Lead

          Share This Job

          As a leader in Scope's threat detection team, you will be helping to build the intelligence in our detection and response infrastructure. This means that you have strong experience in Information Security—such as a background as an Analyst, Investigator, Response, Researcher, or authoring event sources, check logic, and/or detection signatures—combined with cloud software development and/or deployment experience. Join the team that provides the fundamental building blocks of our security platform, underlying the future of security across the healthcare industry. You'll be challenged to stay open-minded in tackling new exploratory areas, but also be continually improving key existing systems to meet the ever increasing number and variety of threats facing all Healthcare Delivery Organizations (HDOs).

          If you are the kind of person who loves solving hard and interesting security challenges and wants to do so in a way that makes the world (and especially our HDOs) a better and safer place, you'll probably fit in well here—especially if you're someone who loves to solve hard engineering problems with discipline and creativity and if you're someone who celebrates the success of the others on your team as much as you celebrate your own.

          You are comfortable with cloud (GCP and AWS) infrastructure and containers (Kubernetes), modern Agile development practices and frameworks, and the way that Security Information and Event Management (SIEM) software products function. As we grow, you will make significant contributions to the detection engines, analysis systems, machine learning platforms as well as other core intellectual property that we build. This position is the opportunity to take on some of the most interesting challenges in the company.

          Responsibilities:

          • Lead the delivery of security incident detections using machine learning through application of information security expertise
          • Work across multiple platforms and languages at all levels of the stack
          • Mentor and guide junior team members in technical, security, and process knowledge
          • Self-directed learner when called to take on challenges in areas such as:
            • Security incident detection and response
            • Data analysis
            • Scalable distributed systems design
            • Building infrastructure and data to enable Machine Learning and AI
            • Real-time analysis of telemetry received from millions of devices
          • Contribute to automated testing, metrics collection, monitoring, and continuous improvement in all of your work
          • Identify the best approaches to power rapid detection, investigation, and response across our entire stack and continuously improve our capabilities by creating and iterating on new ideas
          • Help drive a culture of experimentation and continuous improvement across our entire engineering team
          • Design/Implement large-scale, distributed, production class software on public cloud platforms such as AWS or GCP
          • Own and drive features from conception to deployment in an agile team with continual delivery

          Qualifications and skills:

          • Minimum 3 years (5 or more preferred) experience in the Information Security industry as an Analyst, Investigator, Response, Researcher, or authoring event sources, check logic, and/or detection signatures
          • Excellent teamwork, leadership and coaching skills. Security is a discipline where you have to keep up with the constant stream of new developments and breakthroughs in the industry. This means everyone will have an opportunity to be in a teaching role at some point.
          • Excellent learning and "followership" skills. True success comes from a culture that strives to make everyone the best versions of themselves. It is difficult to lead, but even more difficult and crucial to step back and learn from your team as a follower. Each of us is both a teacher and a student, and you have to be as comfortable learning as you are teaching.
          • Practical experience with security architecture, design and implementation in large scale products and cloud deployments
          • Experience with SIEM technologies – ELK (ElasticSearch, Logstash, Kibana and Beats) preferred, but not required
          • Great skills with Elasticsearch (OpenSearch) are highly beneficial
          • Experience in a DevOps and Security (DevSecOps) focused environment
          • Hands on experience with building technologies in AWS and/or Google Cloud (using Terraform preferred, but not required)
          • Knowledge on container technologies (Docker, Kubernetes, GKE and AWS ECS/EKS)
          • Experience with scripting languages (python preferred) and using network automation tools
          • Software development experience, and familiarity with building products in an organization with a strong Secure Development Lifecycle and compliance requirements (HITRUST, SOC2, FedRAMP, HIPAA, HITECH, etc.)
          • Excellent written and verbal communication skills
          • Experience with the business, clinical terminology, and operational structures used in a typical Healthcare Delivery Organization

          Apply now:

            SOC Analyst

            Share This Job

            Scope is looking for talented cybersecurity analysts to join our Security Operations Center (SOC) team. As part of the team, you will be responsible for managing day to day cybersecurity operations including identifying and evaluating threats, providing contextualized security alerts, and reporting to clients and advising on or performing preliminary incident response activities.

            Required technical qualifications to be successful in this role:

            • Understanding of regular expressions
            • Demonstrated competence with Lucene/KQL/EQL query syntax
            • Python scripting skills

            Desired knowledge, skills, and capabilities:

            • Understanding of MITRE ATT&CK Framework
            • Advanced understanding of TCP/IP
            • Experience with netflow/IPFIX and PCAP analysis
            • Understanding of Windows and/or Linux operating systems internals
            • Basic understanding of threat hunting principles, practices and approaches
            • Basic malware analysis capabilities

            Desired experience:

            • 1 to 3 years of security operations experience, especially security operations in a Healthcare Delivery Organization (health system, hospital or clinical environment)
            • 1+ years of additional cybersecurity experience in a related role (i.e. DFIR analyst, malware analyst, threat hunter, cyber threat intelligence analyst, etc.)
            • Desired security certifications include GCIH, GCTI, GREM, or equivalent
            • Experience with the business, clinical terminology, and operational structures used in a typical Healthcare Delivery Organization

            Apply now:

              Marketing

              Share This Job

              As a core part of Scope's Commercial team, you will drive the day-to-day tactical and operational functions of marketing. You will work closely with the founders and leadership team to make strategic choices about our marketing initiatives, identify and meet key metrics, and drive the implementation of our marketing program across functions ranging from digital to events and product/content marketing. Your focus will be on delivering data-driven results that raise Scope's brand awareness and deliver leads to our sales organization to ensure that Scope is able to deliver on its mission of improving security across the healthcare industry.

              As Scope's first full time marketing hire, you will act as a "player coach" in this role—managing contractors and eventually working with the rest of Scope's leadership team to build a marketing organization as we scale. The immediate term will see you as an individual contributor who is hands on with all parts of our marketing world—working on the website, producing the podcast and blog content, writing sales copy and content for the sales process, and helping us be set up for success in sales meetings, at events, and in our digital content.

              We aren't specifying a level of experience because you can fit a number of profiles—we would be equally excited to meet someone early in their career who wants to get experience across a number of the silos of marketing or someone with more experience who relishes the chance to be hands on and build a program from the ground up.

              Responsibilities:

              • Help us create a data-driven, ROI-positive enterprise marketing program that targets the right prospects and creates the right opportunities for our sales team
              • Be the driver of our brand appearance and make sure that our marketing persona reflects who we are and the company that our customers want to do business with
              • Set and drive standards for content across our blog, podcast, and all of our written material so we are seen as a thought leader in the industry
              • Drive and coordinate all of our marketing activities, including working with SMEs to generate highly technical and security relevant content

              Qualifications and skills:

              • Excellent teamwork, leadership, and coaching skills. Security is a discipline where you have to keep up with the constant stream of new developments and breakthroughs in the industry. This means everyone will have an opportunity to be in a teaching role at some point.
              • Excellent written and verbal communication skills are one of the keys to this role—marketing is fundamentally about telling our story and you need to be able to do that effectively
              • Strong analytical and problem-solving skills—you must have an ability to invent creative solutions to complex business problems with a very high degree of attention to detail
              • Decisive and with a bias for action. You don't just know how to solve problems; you pick them up and solve them, owning them end-to-end. You solicit feedback, but you ultimately know how and when to make the decision.
              • Excellent learning and "followership" skills. It is difficult to lead, but often even more difficult and crucial to step back and learn from your team as a follower. Each of us is both a teacher and a student, and you have to be as comfortable learning as you are teaching.
              • Ability to learn quickly and understand our and our customers' businesses and adapt our material to take in the reality of both
              • Some amount of marketing experience in early-to-mid-stage startups is highly preferred. You need to understand results-driven startup culture and the speed at which it moves and help us keep it moving that fast.
              • Experience across various parts of the marketing spectrum is preferred—while you will be empowered to bring in help, it's hard to manage someone without at least a modicum of experience in the function

              Apply now:

                Get started with Scope OmniSight™