Senior Security Engineer

About the Opportunity

As a HIPAA-regulated, AI-native company, security is foundational to our ability to serve patients. As our platform, AI capabilities, and regulatory footprint continue to grow, we're looking for our first dedicated Security Engineer to help scale our security posture alongside the business.

This is a highly hands-on engineering role. You'll own the implementation of security controls across applications, cloud infrastructure, AI systems, and compliance-driven initiatives. You'll help secure patient-facing voice agents, LLM-powered workflows, internal developer tooling, and a growing ecosystem of vendors and integrations. You'll partner closely with Engineering and IT to remediate findings, improve our security foundations, and build systems that enable the company to move quickly and safely.

This role is ideal for someone who enjoys building—an engineer who wants to write code, automate workflows, strengthen infrastructure, and help shape security at a company using AI to improve healthcare access for underserved communities.

This is a fully remote position reporting up to the IT Lead.

What You’ll Do

• Own vulnerability management, dependency security, threat modeling, security code reviews, and remediation of penetration test findings.
• Strengthen our AWS security posture, identity and access management (IAM, SSO, SAML, SCIM), endpoint security, threat detection, and incident response capabilities.
• Design and implement security controls for AI-powered products and workflows, including protections against prompt injection, data leakage, and other AI-specific risks.
• Build technical safeguards that enable the secure use of PHI and sensitive data within LLM-powered systems.
• Implement and maintain the technical controls, evidence, and security practices required to support HIPAA, SOC 2, and other compliance frameworks.