About Abridge
Abridge was founded in 2018 with the mission of powering deeper understanding in healthcare. Our AI-powered platform was purpose-built for medical conversations, improving clinical documentation efficiencies while enabling clinicians to focus on what matters most—their patients.
Our enterprise-grade technology transforms patient-clinician conversations into structured clinical notes in real-time, with deep EMR integrations. Powered by Linked Evidence and our purpose-built, auditable AI, we are the only company that maps AI-generated summaries to ground truth, helping providers quickly trust and verify the output. As pioneers in generative AI for healthcare, we are setting the industry standards for the responsible deployment of AI across health systems.
We are a growing team of practicing MDs, AI scientists, PhDs, creatives, technologists, and engineers working together to empower people and make care make more sense. We have offices located in the Mission District in San Francisco, the SoHo neighborhood of New York, and East Liberty in Pittsburgh.
The Role
Want to work on building out security from the ground up at the leading edge of AI in healthcare globally? We’re looking for an experienced and highly motivated Senior Enterprise Security Engineer to join our team as one of the first engineers on the Abridge Security team. In this role, you’ll be a key technical contributor, implementing and operating the enterprise security controls that protect the identities, endpoints, SaaS applications, and corporate infrastructure our employees rely on every day.
You’ll work cross-functionally with IT, Security, Legal, Compliance, and People teams to engineer security solutions that scale alongside rapid growth. This position requires deep hands-on expertise in identity and access management, endpoint protection, and corporate security architecture, paired with a builder’s mindset and excellent communication skills to influence security culture across the organization.
This is a greenfield opportunity to architect the way forward for Enterprise Security at Abridge. You will thrive here if you are passionate about building 0 → 1 and believe that enterprise security should reduce risk while empowering employees to do their best work.
What You’ll Do
- **Implement and Operate Identity and Access Management: **Design, deploy, and manage IAM and Zero Trust access controls—including SSO, MFA, authentication protocols, access lifecycle management, and identity governance—across cloud and SaaS environments. Ensure every identity is accounted for and every access decision is defensible.
- **Secure the Endpoint Fleet: **Engineer and operate endpoint detection and response (EDR), device management (MDM), and endpoint compliance tooling, ensuring every device connecting to Abridge systems meets security standards across macOS, Windows, and Linux.
- **Drive SaaS and Third-Party Security: **Build and operate programs for SaaS security posture management, shadow IT discovery, and third-party risk assessment to maintain control as the SaaS footprint grows.
- **Automate and Scale: **Build production-grade automation for access reviews, onboarding/offboarding workflows, policy enforcement, and security operations—turning manual processes into reliable, code-driven systems.
- **Engineer Corporate Network Security: **Design and maintain secure corporate network architectures, including VPN, ZTNA, network segmentation, and Wi-Fi security, ensuring robust protection for both on-premises and remote work environments.
- **Support Enterprise AI Security: **Help implement Abridge’s strategy for securing corporate AI adoption—from enforcing governance frameworks and sanctioned tool inventories to deploying technical controls around data loss prevention and third-party AI vendor risk.
- **Partner Cross-Functionally: **Collaborate with IT, People, Legal, and Compliance teams to translate regulatory and business requirements into durable, automated technical controls that don’t slow down the organization.
What You’ll Bring
- **Depth of Experience: **7+ years in enterprise security, identity security, corporate security, or adjacent security engineering domains, with a demonstrated track record of hands-on implementation and operational ownership.
- **Identity and Access Expertise: **Strong hands-on depth in identity and access management, including SSO, OAuth/OIDC, SCIM, authentication protocols, access lifecycle management, and identity governance. You understand how to design and operate Zero Trust architectures in modern enterprise environments.
- **Endpoint Security Proficiency: **Experience designing and operating endpoint security programs at scale, including EDR, MDM, device compliance, and fleet management across macOS, Windows, and Linux.
- **Cloud and SaaS Fluency: **Deep familiarity with securing cloud-native environments (GCP or AWS) and managing the security posture of a large, evolving SaaS estate. You understand the identity-centric nature of modern enterprise risk.
- **Engineering Mindset: **Strong scripting and automation skills (Python, Go, or similar). You write clean, maintainable code and believe that manual processes are technical debt. Experience with infrastructure-as-code is a plus.
- **Cross-Functional Influence: **Demonstrated ability to partner with IT, HR, Legal, and Compliance to deliver security outcomes through influence, not mandates. You build tools and processes people actually enjoy using.
- **Communication Skills: **Strong communicator who can translate technical security topics into clear terms for audiences ranging from engineers to executive leadership.
- **Pragmatic Execution: **You have a bias for action and a knack for navigating ambiguity. You understand how to weigh security risks against business velocity, choosing solutions that empower employees while maintaining a strong security posture.
Bonus Points If…
- You have experience building or scaling an enterprise security function from 0 → 1 at a high-growth startup.
- You have worked in a regulated industry such as healthcare, fintech, or life sciences and understand frameworks like HIPAA, SOC 2, or HITRUST.
- You have experience applying Generative AI to enterprise security operations—whether for automating access reviews, triaging alerts, or scaling security awareness.
- You are energized by enabling a fast-growing business to move quickly and securely, treating security as a platform service rather than a gate.
- You participate in the security community via talks, papers, blogs, or open-source contributions.
Why Work at Abridge?
At Abridge, we’re transforming healthcare delivery experiences with generative AI, enabling clinicians and patients to connect in deeper, more meaningful ways. Our mission is clear: to power deeper understanding in healthcare. We’re driving real, lasting change, with millions of medical conversations processed each month.
Joining Abridge means stepping into a fast-paced, high-growth startup where your contributions truly make a difference. Our culture requires extreme ownership—every employee has the ability to (and is expected to) make an impact on our customers and our business.
Beyond individual impact, you will have the opportunity to work alongside a team of curious, high-achieving people in a supportive environment where success is shared, growth is constant, and feedback fuels progress. At Abridge, it’s not just what we do—it’s how we do it. Every decision is rooted in empathy, always prioritizing the needs of clinicians and patients.
We’re committed to supporting your growth, both professionally and personally. Whether it's flexible work hours, an inclusive culture, or ongoing learning opportunities, we are here to help you thrive and do the best work of your life.
If you are ready to make a meaningful impact alongside passionate people who care deeply about what they do, Abridge is the place for you.
How we take care of Abridgers:
- Generous Time Off: 14 paid holidays, flexible PTO for salaried employees, and accrued time off for hourly employees
- Comprehensive Health Plans: Medical, Dental, and Vision coverage for all full-time employees and their families.
- Generous HSA Contribution: If you choose a High Deductible Health Plan, Abridge makes monthly contributions to your HSA.
- Paid Parental Leave: Generous paid parental leave for all full-time employees.
- Family Forming Benefits: Resources and financial support to help you build your family.
- 401(k) Matching: Contribution matching to help invest in your future.
- Personal Device Allowance: Tax free funds for personal device usage.
- Pre-tax Benefits: Access to Flexible Spending Accounts (FSA) and Commuter Benefits.
- Lifestyle Wallet: Monthly contributions for fitness, professional development, coworking, and more.
- Mental Health Support: Dedicated access to therapy and coaching to help you reach your goals.
- Sabbatical Leave: Paid Sabbatical Leave after 5 years of employment.
- Compensation and Equity: Competitive compensation and equity grants for full time employees.
- ... and much more!
Equal Opportunity Employer
Abridge is an equal opportunity employer and considers all qualified applicants equally without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, or disability.
We provide reasonable accommodations throughout the interview process. If you need reasonable accommodation in applying, interviewing, completing any assessment or otherwise participating in the employee selection process, please contact us at accommodations@abridge.com
Staying safe - Protect yourself from recruitment fraud
We are aware of individuals and entities fraudulently representing themselves as Abridge recruiters and/or hiring managers. Abridge will never ask for financial information or payment, or for personal information such as bank account number or social security number during the job application or interview process. Any emails from the Abridge recruiting team will come from an @abridge.com email address. You can learn more about how to protect yourself from these types of fraud by referring to this article. Please exercise caution and cease communications if something feels suspicious about your interactions.