Senior Security Engineer

Abridge was founded in 2018 with the mission of powering deeper understanding in healthcare. Our AI-powered platform was purpose-built for medical conversations, improving clinical documentation efficiencies while enabling clinicians to focus on what matters most—their patients.

Our enterprise-grade technology transforms patient-clinician conversations into structured clinical notes in real-time, with deep EMR integrations. Powered by Linked Evidence and our purpose-built, auditable AI, we are the only company that maps AI-generated summaries to ground truth, helping providers quickly trust and verify the output. As pioneers in generative AI for healthcare, we are setting the industry standards for the responsible deployment of AI across health systems.

We are a growing team of practicing MDs, AI scientists, PhDs, creatives, technologists, and engineers working together to empower people and make care make more sense.

The Role

Our generative AI-powered products are bringing joy back to the practice of medicine, and we’re looking for experienced security engineers to join our growing US-based engineering team. You’ll serve as a subject matter expert to help us build applications that are secure from current and future information security threats, and will be involved at all stages of the software development lifecycle.

What You'll Do

Every day is different at Abridge. Some of what you can expect to do:

• Help define and implement secure coding standards, and work with engineers and engineering management to advocate for and implement these standards.

• Perform architectural and code reviews, with a focus on secure development practices.

• Perform threat modeling and risk assessment, both standalone and as part of our larger security and compliance program.

• Identify and remediate security vulnerabilities through manual and automated testing.

• Incorporate automated tools such as SAST / DAST / RASP / SCA into the development process, such as by augmenting CI + CD pipelines.

• Lead triage of incoming issues, and work with engineering teams to remediate known or suspected security vulnerabilities.

• Train and mentor engineers on secure development practices. 

• Research commercial and open-source solutions, and make build vs buy recommendations to bring new capabilities into the technology organization.

• Build deep user empathy and maintain a user-centric mindset

• Communicate regularly and effectively within and on behalf of our cross-functional product delivery teams. You’ll work with other disciplines including product, machine learning, and platform engineering, and will have opportunities to learn from and contribute to projects across the company.

What You’ll Bring

• 7+ years of software engineering experience, with several years of experience focusing on cybersecurity for cloud-native applications. You’ve seen what works, and probably a few things that didn’t work. Your opinions are grounded in experience.

• Passionate about software security, and experienced at multiple levels of the stack. You can determine whether a piece of code is vulnerable to a cross-site scripting attack; debate the relative merits of CBC vs GCM; and architect a system with appropriate data segregation for confidential data.

• Experienced working in a regulated environment. You have worked with compliance frameworks such as SOC2 and HITRUST.

• Up-to-date on industry best-practices and trends, and enjoy of learning new things

• Excited about being hands-on in a fast-moving, productive, and supportive environment

• Willing to pitch in wherever needed - as a fast-moving startup we need to do good work, quickly

We value people who want to learn new things, and we know that great team members might not perfectly match a job description. If you’re interested in the role but aren’t sure whether or not you’re a good fit, we’d still like to hear from you.

Base Salary: $185,000 USD - $265,000+ USD per year + Equity

The salary range provided is based on transparent pay guidelines and is an estimate for candidates residing in the San Francisco and New York City metro areas. The actual base salary will vary depending on the candidate's location, relevant experience, skills, qualifications, and other job-related factors. Additionally, this role may include the opportunity to participate in a company stock option plan as part of the total compensation package.

Must be willing to work from our SF or NY office at least 3x per week

This position requires a commitment to a hybrid work model, with the expectation of coming into the office a minimum of (3) three times per week. Relocation assistance is available for candidates willing to move to San Francisco or New York.

Must be willing to travel up to 10%

Abridge typically hosts a 3 day builder team retreat every 3-6 months. These retreats often feature internal hackathons, collaborative project sessions, and social events that provide the team with opportunities to connect.

Why Work at Abridge?

• Be a part of a trailblazing, mission-driven organization that is powering deeper understanding in healthcare through AI!

• Opportunity to work and grow with talented individuals and have ownership and impact at a high-growth startup.

• Flexible/Unlimited PTO — Salaried team members can take off as much approved time off as they need, plus 13 paid holidays

• Equity — For all salaried team members

• Medical insurance — We pay 100% of the premium for you + 75% for dependents. 3 Aetna plans to choose from.

• Dental & Vision insurance — We pay 100% of the premium for you + 75% for dependents. 2 Aetna plans to choose from.

• Flexible Spending (FSA) & Health Savings (HSA) Accounts

• Learning and Development budget — $3,000 per year for coaching, courses, workshops, conferences, etc.

• 401k Plan — Contribute pre-tax dollars toward retirement savings.

• Paid Parental Leave — 16 weeks paid parental leave, for all full-time employees

• Flexible working hours — We care more about what you accomplish than what specific hours you’re working.

• Home Office Budget — We provide up to $1,600 in a one-time reimbursement to set up your home office.

• Sabbatical Leave — 30 days of paid Sabbatical Leave after 5 years of employment.

• ...Plus much more!

Life at Abridge

At Abridge, we’re driven by our mission to bring understanding and follow-through to every medical conversation. Our culture is founded on doing things the “inverse” way in a legacy system—focusing on patients, instead of the system; focusing on outcomes, instead of billing; and focusing on the end-user experience, instead of a hospital administrator's mandate.

Abridgers are engineers, scientists, designers, and health policy experts from a diverse set of backgrounds—an experiment in alchemy that helps us transform an industry dominated by EHRs and enterprise into a consumer-driven experience, one recording at a time. We believe in strong ideas, loosely held, and place a high premium on a growth mindset. We push each other to grow and expose each other to the latest in our respective fields. Whether it’s holding a PhD-level deep dive into understanding fairness and underlying bias in machine learning models, debating the merits of a Scandinavian design philosophy in our UI/UX, or writing responses for Medicare rules to influence U.S. health policy, we prioritize sharing our findings across the team and helping each other be successful.

Diversity & Inclusion

Abridge is an equal opportunity employer. Diversity and inclusion is at the core of what we do. We actively welcome applicants from all backgrounds (including but not limited to race, gender, educational background, and sexual orientation).

Staying Safe - Protect Yourself From Recruitment Fraud

We are aware of individuals and entities fraudulently representing themselves as Abridge recruiters and/or hiring managers. Abridge will never ask for financial information or payment, or for personal information such as bank account number or social security number during the job application or interview process. Any emails from the Abridge recruiting team will come from an @abridge.com email address. You can learn more about how to protect yourself from these types of fraud by referring to this article. Please exercise caution and cease communications if something feels suspicious about your interactions.