Head of Security
Neko Health
IT
Europe
Posted on Jun 25, 2025
Neko Health is a Swedish health-tech company co-founded in 2018 by Hjalmar Nilsonne and Daniel Ek. Our vision is to create a healthcare system that can help people stay healthy through preventive measures and early detection. Neko has developed a new medical scanning technology concept to make it possible to do broad and non-invasive health data collection that is both convenient and affordable for the public. This requires completely reimagining the healthcare experience and incorporating the latest advances in sensors and AI. We are a remote first company, but the company is based in Stockholm and has over 300 employees across Europe.
Role Overview:
The Head of Security is a senior leadership role responsible for defining and executing the company’s security strategy across infrastructure, applications, and operations. This role ensures the confidentiality, integrity, and availability of systems and data, while enabling the business to scale securely. The Head of Security will report to the CTO and collaborate closely with Engineering, IT, Compliance, and Product teams. Key responsibilities include:
Security Strategy & Governance
- Define and maintain the company’s security roadmap, policies, and standards.
- Lead risk assessments and threat modeling across infrastructure and product domains.
- Own security governance frameworks aligned with ISO 27001, GDPR, NIS2 and FedRAMP.
Cloud & Infrastructure Security
- Oversee security posture across Azure, Microsoft 365, and Entra ID.
- Ensure proper configuration of Conditional Access, Intune, and Azure Policy.
- Drive implementation of cloud security initiatives infrastructure governance.
- Partner with IT to implement endpoint and identity security.
Physical Security
- Oversee security measures at offices and clinics.
- Partner with Facility Operations to implement security measures and controls.
Application & DevSecOps
- Embed security into the software development lifecycle.
- Own security aspects of software and instrument development lifecycle.
- Partner with DevOps to implement secure CI/CD pipelines and secrets management.
- Support backend teams with secure architecture reviews and remediation efforts.
Security Operations & Incident Response
- Establish and lead incident response processes and playbooks.
- Monitor and respond to security alerts using tools like Microsoft Sentinel and Defender.
- Coordinate with IT and Engineering to remediate vulnerabilities and misconfigurations.
Team Leadership & Collaboration
- Build and lead a high-performing security team.
- Collaborate with IT, Engineering, and Compliance to align security with business goals.
- Act as a security advisor to senior leadership and cross-functional stakeholders.
Qualifications
- Proven experience in a senior security leadership role, ideally in a cloud-native environment.
- Deep knowledge of Microsoft security stack (Purview, Defender, Sentinel, Entra ID).
- Experience with Cisco Meraki.
- Strong understanding of modern infrastructure (Azure, Kubernetes, IaC).
- Strong automation mindset.
- Experience with regulatory frameworks and compliance audits.
- Excellent communication and stakeholder management skills.
About the Engineering Team
Distributed and Remote First
We are nearly 100 full time engineers at the company, working from Berlin, Chamonix, Hamburg, Lisbon, Marseille, Vilnius, and Stockholm, spanning diverse disciplines such as Hardware Engineering, Firmware Development, Electrical Design, Algorithm Development, Machine Learning Development, Optronics Research, Frontend Development and more. We don't expect people to join us with a specific tech knowledge, but we do expect you to work with our tools. We use a mix of React, Typescript, C++, and Python. Our APIs are written in C# with ASP.NET Core, uses Azure Cosmos DB, and Azure Active Directory for authentication.
Our headquarters and our hardware development team are in Stockholm, Sweden.
We are a Remote First company; however, it is of course much easier to work remotely as a software engineer than a hardware or firmware engineer (since they require access to hardware or devices occasionally). Software engineers based in Stockholm work maybe one day a week or one day every two weeks from the office.
We meet a couple of times per year to get to know each other and have fun.
Organization and Way of Working
The engineering team is divided into smaller cross functional project teams that each focus on a specific goal or target, where some groups are long-lived, and some are short-lived, depending on how big the goal or deliverable is. We strive to create groups which are cross-functional and able to complete their goals without dependence on other teams, even though this is of course not always possible.
Groups track goals on a yearly and quarterly basis with goal follow-up across the entire engineering organization on a bi-weekly basis. Most groups do internal planning on a bi-weekly basis, but in the end it's up to the group to decide how they want to work.
We have, however, mandated that all groups must present their progress or failures or hacks at our bi-weekly engineering demo, a fun meeting/presentation where we talk about everything from short-circuiting power-modules, how hard it is to calibrate cameras or align polygons in space, to neat new command line tools for operations, a new auth mechanism in the backend, a cool new way to visualize health data or a new feature which helps our doctors be more productive.
We have a flexible workplace that focuses on work/life balance, and we strongly believe in our mission but do not think that achieving it requires sacrificing everything else.