About Amigo

Amigo builds trust and safety infrastructure for AI in mission-critical environments.

We partner with organizations in healthcare and other regulated sectors to deploy AI systems that operate reliably when the stakes are highest. Our infrastructure enables verification, monitoring, and real-time oversight—ensuring AI serves people safely at scale.

We've raised $6.5M from General Catalyst and GSV Ventures. Our team combines expertise in distributed systems, quantitative research, clinical operations, and regulatory environments to build AI that organizations can trust.

About this role

As Application Security Engineer at Amigo, you'll own security and compliance infrastructure for healthcare conversational AI systems integrated with medical devices. You'll establish our path to FedRAMP authorization, maintain SOC 2 and HIPAA compliance, and build security practices that enable safe deployment at scale. This role requires deep security engineering expertise and understanding of regulatory frameworks for medical AI systems.

What you'll do

• Own compliance programs including SOC 2, HIPAA, FedRAMP authorization, and FDA frameworks for medical AI

• Build security infrastructure for conversational AI systems handling sensitive patient health data

• Secure API integrations with healthcare systems, medical devices, and clinical workflows

• Design and implement security controls across multi-cloud infrastructure

• Conduct security design reviews for conversational AI agents and production deployments

• Secure real-time conversation systems processing patient interactions and voice data

• Build security tooling and automation for development workflows

• Implement monitoring and incident response for security events

• Partner with engineering teams on secure system design

• Establish security standards for infrastructure and applications

• Secure integrations with medical devices and healthcare IoT systems

• Manage external audits and certification processes across multiple frameworks

• Create compliance frameworks for global expansion and medical device regulations

What we're looking for

• 5+ years in application security or security engineering roles

• Deep understanding of cloud security and compliance frameworks

• Experience with SOC 2, HIPAA, or similar regulatory requirements in healthcare/financial services

• Strong knowledge of secure development practices and common vulnerabilities

• Hands-on experience with security tooling and automation

• Proficiency in at least one programming language for security reviews

• Experience securing containerized and distributed systems

• Understanding of identity management and access control systems

• Strong communication skills across technical and business teams

• Ownership mindset with ability to drive initiatives autonomously

Nice to have

• FedRAMP experience or deep familiarity with NIST 800-53 controls implementation

• FDA regulatory frameworks for medical devices or medical AI systems

• Healthcare industry experience with sensitive personal data handling and privacy requirements

• Experience securing API integrations with healthcare systems (EHR, FHIR, HL7)

• Infrastructure-as-code security expertise

• Experience with ML model security, including adversarial robustness and data poisoning

• Security for conversational AI systems and dialogue agents

• Voice/audio data security and biometric data handling

• Medical device integration security and IoT healthcare systems

• Multi-region compliance and international data protection regulations

• Experience building security automation and tooling

• Background in penetration testing or offensive security

• Security certifications (CISSP, CCSP, CEH, OSCP, or equivalent)

Benefits

Health & Wellness

• Comprehensive health, dental, and vision insurance

• Mental health support and wellness coaching

• Flexible wellness stipend for fitness, therapy, or personal growth

• Daily catered lunch and dinner

Growth & Development

• Annual learning budget for courses, books, or conferences

• Conference attendance budget for professional development

• Development setup of your choice

• Academic collaboration opportunities