Return to jobs
Join Daye, a pioneer in women's health technology, as they transition from a startup to a regulated, scalable healthtech entity.
Overview
Salary
No salary declared 😔
Location
Sofia, Bulgaria
Nomad Friendly?
Expires
Expires at anytime
Daye is a renowned organisation advancing gynaecological healthcare through innovative digital and diagnostic tools like the Diagnostic Tampon for at-home screenings. Having originated in 2017, we've launched groundbreaking products, handled sensitive health data globally, and collaborated with top healthcare providers like the NHS.
Role Summary:
- Join as we transition to a scalable, regulated healthtech infrastructure.
- Play a key part in constructing a robust security infrastructure ensuring user protection and instilling partner confidence.
Role Requirements:
- Experience in ISO 27001 or SOC 2 programs, preferably within a startup or medical device context.
- Knowledge of VPN, MDM, endpoint protection, SDLC, and threat modelling.
- Understanding of cloud and API security, network architecture, and database protection.
- Familiarity with regulations of medical device or diagnostic product.
- Experience in coordinating cross-border data protection programs involving EU and US healthcare systems.
Benefits:
- Competitive pay rates with yearly reviews.
- Paid training, flexibility in work location and hours.
- 20 days paid vacation per year, collective weeks off, generous shared parental leave policy.
- Private health insurance, free professional coaching, and mental health days.
About Daye Daye is a leader in gynaecological health innovation, developing diagnostic and digital health technologies that raise the standards of care in women's health. Founded in 2017, we've built vertically integrated R&D and manufacturing capabilities and launched pioneering products including the Diagnostic Tampon, which enables at-home vaginal microbiome, HPV and STI screening. We handle sensitive health data across multiple jurisdictions (UK, EU, and US), working with healthcare providers such as the NHS and US health systems, and serving tens of thousands of patients globally.
The role As Daye transitions from a start-up stack to a scalable, regulated healthtech infrastructure, the complexity of our systems has grown significantly. You'll join at a time when we've completed our ISO 27001 certification but are now implementing the next phase: embedding defensive programming culture, ongoing white-box penetration testing, and formal security documentation across engineering and operations. This role is pivotal in building a robust, forward-looking security infrastructure that protects our users, ensures resilience, and instils confidence in all our partners.
Job requirements Experience building or running ISO 27001 or SOC 2 programs, ideally within a startup or medical device context. Hands-on knowledge of VPN, MDM, endpoint protection, secure development lifecycle (SDLC), and threat modelling. Strong understanding of cloud and API security, network architecture, and database protection. Experience building or auditing secure clinical data pipelines and electronic lab integrations. Familiarity with medical device or diagnostic product regulations is a strong plus. Experience coordinating cross-border data protection programs involving EU and US healthcare systems.
Benefits Working at Daye, you will be collaborating with a passionate, motivated and international group of top performers. We offer competitive pay rates with salary reviews once a year, paid training opportunities, flexibility in work location and hours, 20 days paid vacation per year plus collective weeks off in August and between Christmas and New Year, generous shared parental leave and return to work policy, private health insurance, free professional coaching, mental health days, and a diverse, yet like-minded community.
