Lead the build-out of enterprise security (IAM, endpoint, SaaS, AI governance) at a high-growth healthcare AI company. Manage a team, architect Zero Trust controls, automate processes, and partner cross-functionally to scale security without slowing the business. Requires 8+ years security experience including 2+ years managing teams.
218k – 256k
Hybrid8+ YOESecurity Engineering
About the role
What You’ll Do
Own Enterprise Security Strategy: Define and drive the vision, roadmap, and execution of Abridge's enterprise security program—spanning identity, endpoint, SaaS, email, and corporate network security—ensuring capabilities scale with the organization.
Build and Lead the Team: Recruit, mentor, and develop a team of enterprise security engineers, setting the technical bar from day one and establishing engineering best practices that attract top talent.
Architect Identity and Access Management: Design, implement, and operate IAM and Zero Trust access controls, including SSO, MFA, authentication protocols, access lifecycle management, and identity governance across cloud and SaaS environments.
Secure the Endpoint Fleet: Own the strategy and tooling for endpoint detection and response (EDR), device management (MDM), and endpoint compliance, ensuring every device connecting to Abridge systems meets security standards.
Drive SaaS and Third-Party Security: Establish and operate programs for SaaS security posture management, shadow IT discovery, vendor security assessments, and third-party risk management to maintain control as the SaaS footprint grows.
Automate and Scale: Build production-grade automation for access reviews, onboarding/offboarding workflows, policy enforcement, and security operations—turning manual processes into reliable, code-driven systems.
Partner Cross-Functionally: Collaborate with IT, People, Legal, and Compliance teams to translate regulatory and business requirements into durable, automated technical controls that don't slow down the organization.
Lead Enterprise AI Security: Define and execute Abridge's strategy for securing corporate AI adoption end-to-end—from establishing governance frameworks and sanctioned tool inventories, to implementing technical controls around data loss prevention, prompt injection risks, and third-party AI vendor assessments—ensuring employees can leverage AI safely and at speed.
Define Build vs. Buy: Evaluate and select enterprise security tooling, making pragmatic build-vs-buy decisions that maximize coverage while minimizing complexity.
What You’ll Bring
Depth of Experience: 8+ years in enterprise security, identity security, corporate security, or adjacent security engineering domains, with at least 2+ years in a management or team-lead capacity.
Identity and Access Expertise: Strong hands-on depth in identity and access management, including SSO, OAuth/OIDC, SCIM, authentication protocols, access lifecycle management, and identity governance. You understand how to design and operate Zero Trust security architectures in modern enterprise environments.
Endpoint Security Proficiency: Experience designing and operating endpoint security programs at scale, including EDR, MDM, device compliance, and fleet management across macOS, Windows, and Linux.
Cloud and SaaS Fluency: Deep familiarity with securing cloud-native environments (GCP or AWS) and managing the security posture of a large, evolving SaaS estate. You understand the identity-centric nature of modern enterprise risk.
Engineering Mindset: Strong scripting and automation skills (Python, Go, or similar). You write clean, maintainable code and believe that manual processes are technical debt. Experience with infrastructure-as-code is a plus.
Cross-Functional Leadership: Demonstrated ability to partner with IT, HR, Legal, and Compliance to deliver security outcomes through influence, not mandates. You build tools and processes people actually enjoy using.
Communication and Executive Presence: Exceptional communicator who can translate complex security risks into clear business terms for audiences from engineers to executive leadership.
Pragmatic Execution: You have a bias for action and a knack for navigating ambiguity. You understand how to weigh security risks against business velocity, choosing solutions that empower employees while maintaining a strong security posture.
Bonus Points If…
You have experience building or scaling an enterprise security function from 0 → 1 at a high-growth startup.
You have worked in a regulated industry such as healthcare, fintech, or life sciences and understand frameworks like HIPAA, SOC 2, or HITRUST.
You have experience applying Generative AI to enterprise security operations—whether for automating access reviews, triaging alerts, or scaling security awareness.
You are energized by enabling a fast-growing business to move quickly and securely, treating security as a platform service rather than a gate.
You participate in the security community via talks, papers, blogs, or open-source contributions.
Skills
Identity And Access ManagementZero TrustSSOMFAOAuthOIDCSCIMEdrMDMEndpoint SecuritySaas SecurityPythonGoInfrastructure As CodeAws/Gcp
As a Senior Product Security Engineer, you will lead efforts to mature product security initiatives in an AI-forward engineering environment. You will partner with product and engineering teams to integrate security throughout the development lifecycle, leverage AI and automation to scale security programs, and design and implement security controls.
Leads IAM teams to build and operate enterprise identity, authentication, authorization, and governance systems at global scale. Requires 8-12+ years experience in security/identity engineering, deep IAM expertise, cloud architecture (AWS/GCP/Azure), and Zero Trust principles.
217k – 265k
On-site8+ YOESecurity Engineering
Senior Software Engineer, Identity
Scale AISan Francisco, CA +2
Build and drive design of core identity infrastructure including authentication (SSO, MFA, SAML/OAuth/OIDC), authorization (ReBAC/ABAC/RBAC with OpenFGA/Authzed), and governance for compliance at an AI data platform powering leading LLMs. Requires 5+ years in identity/infrastructure engineering with distributed systems and cloud expertise.
216k – 270k
Hybrid5+ YOESecurity Engineering
Trust Engineer
HarveySan Francisco, CA
As a Trust Engineer, you will be the engineering backbone of Harvey's compliance and assurance programs, building data infrastructure, automation tooling, and AI-powered workflows to scale audit readiness, continuous monitoring, and risk reporting.
220k – 330k
Hybrid6+ YOESecurity Engineering
Senior Software Security Engineer
EverlawOakland, CA
Lead security engineering efforts at Everlaw, guiding a team to build secure development practices and protect customer data on AWS. Requires 4+ years in security and Python scripting skills.