Senior/Staff Enterprise Security Engineer

About Abridge

Abridge was founded in 2018 with the mission of powering deeper understanding in healthcare. Our AI-powered platform was purpose-built for medical conversations, improving clinical documentation efficiencies while enabling clinicians to focus on what matters most—their patients.

Our enterprise-grade technology transforms patient-clinician conversations into structured clinical notes in real-time, with deep EMR integrations. Powered by Linked Evidence and our purpose-built, auditable AI, we are the only company that maps AI-generated summaries to ground truth, helping providers quickly trust and verify the output. As pioneers in generative AI for healthcare, we are setting the industry standards for the responsible deployment of AI across health systems.

We are a growing team of practicing MDs, AI scientists, PhDs, creatives, technologists, and engineers working together to empower people and make care make more sense. We have offices located in the Mission District in San Francisco, the SoHo neighborhood of New York, and East Liberty in Pittsburgh.

The Role

Want to work on building out security from the ground up at the leading edge of AI in healthcare globally? We're looking for a very experienced and highly motivated Senior or Staff Enterprise Security Engineer to join our team as one of the first engineers on the Abridge Security team. In this role, you'll be a key technical leader, driving large initiatives that shape our company, infrastructure, SaaS ecosystem, and business practices. Impact both the vision and hands-on execution of securing our enterprise infrastructure and systems across the entire company. You'll work cross-functionally with both technical and business teams to integrate security seamlessly, automate security capabilities and controls, and mentor others to build secure-by-default solutions across the business. This position requires deep technical expertise, a builder's mindset, and excellent communication skills to influence security culture across the organization.

What You’ll Do

• Identity & Access Management (IAM) and SaaS Security

  • IAM Architecture: Architect and implement enterprise-wide Identity and Access Management (IAM) and Privileged Access Management (PAM) solutions.

  • Federation & SSO: Own the implementation and maintenance of authentication standards, including Single Sign-On (SSO), phishing resistant Multi-Factor Authentication (MFA), and identity federation protocols (SAML, OIDC, OAuth2).

  • SaaS Security Posture: Design and enforce security policies for critical SaaS applications using tools like SSPM (SaaS Security Posture Management) to ensure secure configurations and access controls.

  • Lifecycle Management: Develop and automate the full identity lifecycle (joiner, mover, leaver) process, leveraging SCIM and other APIs for streamlined user provisioning and de-provisioning.

• Security Automation and Tooling

  • Automation Strategy: Lead the development of the security automation roadmap for Enterprise Security, identifying key areas for efficiency gains.

  • Build & Integrate: Design and build custom automation scripts and integrations using languages like Python to connect security tools (SIEM, EDR, IAM, Ticketing).

  • Policy Enforcement: Utilize Infrastructure as Code (IaC) tools (e.g., Terraform) to manage the secure configuration of enterprise tools and enforce security policies at scale across code repos, MDM, and cloud environments.

• Endpoint, Network, and Email Security

  • Endpoint Protection: Engineer, deploy, and manage our Endpoint Detection and Response (EDR) and Mobile Device Management (MDM) platforms to ensure full coverage, policy compliance, and timely incident response across a fleet of various operating systems (Primarily MacOS).

  • Network Security Controls: Design, configure, and maintain enterprise network security controls, including next-generation firewalls, secure web gateways, VPNs, and micro-segmentation strategies.

  • Email Security: Own and optimize the email security stack, DMARC/DKIM/SPF enforcement, and anti-phishing controls to mitigate social engineering attacks.

  • Zero Trust Architecture: Drive the technical implementation of the company's Zero Trust architecture across corporate networks, systems, and endpoints.

• Leadership and Partnership

  • Technical Leadership: Act as an escalation point for complex security events and technical issues within the Enterprise Security domain, performing root cause analysis and leading remediation efforts.

  • Compliance & Audit Support: Ensure the security capabilities meet compliance and regulatory requirements (e.g. FedRAMP Moderate, SOC 2), providing technical evidence and documentation for audits. Be a strong partner for the Security and Privacy Compliance Team.

  • Information Technology Partner: Work closely with the Information Technology Team to ensure security is integrated into the lifecycle of designing, implementing, and maintaining technology across the company.

What You’ll Bring

• Experience: 5 to 7+ years of progressive experience in an Enterprise/Corporate Security Engineering role.

• Coding/Automation: Proven hands-on experience developing security automation solutions with Python or similar high-level languages.

• IAM Deep Dive: Expert-level knowledge of IAM concepts, protocols (SAML, OAuth), and hands-on experience with at least IAM in Google Workspace. Additional experience with other IAM platforms is a big plus.

• Endpoint Expertise: Strong experience deploying and managing modern Endpoint Protection (EDR) and MDM solutions in a large corporate environment.

• Networking: Deep understanding of networking and security protocols (TCP/IP, DNS, TLS/SSL, VPN, Firewalls) and how to secure hybrid environments.

• Cross-Functional Skills: Demonstrated ability to lead complex projects, mentor junior staff, and communicate security risks and solutions effectively to both technical and non-technical stakeholders.

Bonus Points If…

• AI Security: Deep understanding of the security of AI models, agents, and associated infrastructure and systems.

• Automation: Experience working with a Security Orchestration, Automation, and Response (SOAR) platform (e.g., Google, Tines, Splunk, Phantom, Cortex XSOAR, etc.).

• Cloud Environments: Deep expertise with security cloud platforms (Primarily GCP, but AWS and Azure are a big plus).

• Access Controls: Deep expertise designing and implementing RBAC, ABAC, NACLs, etc.

• Penetration Testing: Experience performing hands-on penetration tests against SaaS vendors, custom applications, etc.

Why Work at Abridge?

At Abridge, we’re transforming healthcare delivery experiences with generative AI, enabling clinicians and patients to connect in deeper, more meaningful ways. Our mission is clear: to power deeper understanding in healthcare. We’re driving real, lasting change, with millions of medical conversations processed each month.

Joining Abridge means stepping into a fast-paced, high-growth startup where your contributions truly make a difference. Our culture requires extreme ownership—every employee has the ability to (and is expected to) make an impact on our customers and our business.

Beyond individual impact, you will have the opportunity to work alongside a team of curious, high-achieving people in a supportive environment where success is shared, growth is constant, and feedback fuels progress. At Abridge, it’s not just what we do—it’s how we do it. Every decision is rooted in empathy, always prioritizing the needs of clinicians and patients.

We’re committed to supporting your growth, both professionally and personally. Whether it's flexible work hours, an inclusive culture, or ongoing learning opportunities, we are here to help you thrive and do the best work of your life.

If you are ready to make a meaningful impact alongside passionate people who care deeply about what they do, Abridge is the place for you.

How we take care of Abridgers:

• Generous Time Off: 14 paid holidays, flexible PTO for salaried employees, and accrued time off for hourly employees

• Comprehensive Health Plans: Medical, Dental, and Vision coverage for all full-time employees and their families.

• Generous HSA Contribution: If you choose a High Deductible Health Plan, Abridge makes monthly contributions to your HSA.

• Paid Parental Leave: Generous paid parental leave for all full-time employees.

• Family Forming Benefits: Resources and financial support to help you build your family.

• 401(k) Matching: Contribution matching to help invest in your future.

• Personal Device Allowance: Tax free funds for personal device usage.

• Pre-tax Benefits: Access to Flexible Spending Accounts (FSA) and Commuter Benefits.

• Lifestyle Wallet: Monthly contributions for fitness, professional development, coworking, and more.

• Mental Health Support: Dedicated access to therapy and coaching to help you reach your goals.

• Sabbatical Leave: Paid Sabbatical Leave after 5 years of employment.

• Compensation and Equity: Competitive compensation and equity grants for full time employees.

• ... and much more!

Equal Opportunity Employer

Abridge is an equal opportunity employer and considers all qualified applicants equally without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, or disability.

Staying safe - Protect yourself from recruitment fraud

We are aware of individuals and entities fraudulently representing themselves as Abridge recruiters and/or hiring managers. Abridge will never ask for financial information or payment, or for personal information such as bank account number or social security number during the job application or interview process. Any emails from the Abridge recruiting team will come from an @abridge.com email address. You can learn more about how to protect yourself from these types of fraud by referring to this article. Please exercise caution and cease communications if something feels suspicious about your interactions.