Staff Security Engineer
$250k - $325k USD
About Us:
Here at Ambience, we never set out to be just another scribe. We’re building the AI intelligence platform that restores humanity to healthcare and drives meaningful ROI for health systems across the country.
Our technology helps providers focus on delivering great care by removing the administrative burden that pulls them away from patients and away from their most impactful work. Ambience delivers real-time coding-aware documentation and clinical workflow support across ambulatory, emergency and inpatient settings at the top health systems in North America.
Our teams operate relentlessly with extreme ownership to build the best solutions for our health system partners. We value candor, positivity and deep thought — and we expect a lot from each other because we know the problems we’re solving truly matter.
Ambience was ranked #1 for Improving the Clinician Experience in the KLAS Research Emerging Solutions Top 20 Report, recognized by Fast Company as one of the Next Big Things in Tech, named one of the best AI companies in healthcare by Inc., and selected as a LinkedIn Top Startup in 2024 and 2025. We’re backed by Oak HC/FT, Andreessen Horowitz (a16z), OpenAI Startup Fund, and Kleiner Perkins — and we’re just getting started.
The Role:
Ambience runs real-time clinical workflows inside the most security-sensitive health systems in the country. That means security can’t be bolted on, it has to be engineered into the product.
As a Staff Security Engineer, you’ll own the systems that protect our platform at scale: application security, cloud security, detection and response, and the security primitives other teams build on. You’ll design guardrails that make the secure path the default, harden our infrastructure against real threats, and partner with engineering to eliminate entire classes of risk.
This is a builder role. You’ll write code, design systems, and lead cross-cutting security initiatives that directly enable enterprise trust and customer expansion.
What You’ll Own:
Application & Platform Security — Design and implement secure-by-default patterns across our backend and infrastructure. Identify and remediate vulnerabilities in application logic, APIs, and data flows.
Cloud & Infrastructure Security — Own security posture across our cloud environment: IAM, network boundaries, secrets management, and secure service-to-service communication.
Detection & Incident Response — Build and operate detection pipelines, alerts, and runbooks. Lead investigations, root cause analysis, and systemic fixes — not just one-off patches.
Security Tooling & Automation — Extend and integrate security tools through code. Automate controls, evidence collection, and remediation to reduce manual work and scale coverage.
Security Architecture & Leadership — Set technical direction for security across teams. Threat model new products, influence designs early, and raise the security bar company-wide.
Who You Are:
Experience & Impact: You have 7+ years (Staff) to 12+ years (Principal) of hands-on security engineering experience. You don’t just find bugs; you design systems that prevent entire classes of vulnerabilities.
Scalable Scope:
At the Staff level, you have led cross-cutting security initiatives and influenced architecture for major product areas.
At the Principal level, you have a track record of defining company-wide security North Stars, mentoring other senior engineers, and shifting the security culture of an entire organization.
Engineering Roots: Strong software engineering fundamentals are a must. You are comfortable reading, writing, and modifying production code in Python, Go, or TypeScript. You view security as an engineering problem, not a compliance checklist.
Proven experience in security architecture and systems hardening across applications, infrastructure, and cloud environments
Hands-on with vulnerability management and penetration testing: identifying, prioritizing, and driving remediation of real risks
Experience selecting and extending modern security tools for detection, incident response, automation, and threat monitoring
Strong cloud security background (AWS and/or GCP), including IAM, networking, and secure service design
Collaborative and pragmatic: able to partner with engineers, influence designs early, and explain security tradeoffs clearly
Why Here:
At most companies, security is reactive. At Ambience, it’s a product enabler. The systems you build determine whether we can earn — and keep — the trust of the largest health systems in the country.
You’ll have real ownership, direct access to leadership, and the chance to shape how security engineering is done at a company where it truly matters. Small team, high trust, and problems that are both technically deep and mission-critical.
Pay Transparency
We offer a base compensation range of approximately $250,000–$325,000 per year, along with meaningful equity. This intentionally broad range provides flexibility for candidates to tailor their cash and equity mix based on individual preferences. Our compensation philosophy prioritizes meaningful equity grants, enabling team members to share directly in the impact they help create. If your expectations fall outside of this range, we still encourage you to apply—our approach to compensation considers a range of factors to ensure alignment with each candidate's unique needs and preferences.
Life at Ambience
Working at Ambience means opting into a high-ownership, high-trust environment built for people who want to grow fast, operate decisively and focus on work that matters. This could be the right place for you if you want to
Work on mission-critical AI technology that directly improves clinicians’ day-to-day lives and health system financial health across some of the most complex, high-stakes workflows in the world.
Join a “dream team” culture where we hire exceptional people, expect exceptional outcomes and invest deeply in feedback and continuous growth. We operate as a championship team, and that means being ok with hard, uncomfortable, ambiguous problems that lead to real greatness.
Operate with real ownership and accountability in an environment where there are no bystanders: If something is broken, we fix it! You will have meaningful autonomy and be expected to drive work to completion.
To help you do your best work, we pair these expectations with benefits intentionally designed to help you feel supported and safe at Ambience and beyond. Some of our key benefits include
Comprehensive medical, dental, and vision coverage for you and your dependents
401(k) with a company match of up to 3% of base salary
A remote-friendly culture (with a San Francisco HQ) and full equipment provisioning to ensure you can work effectively from wherever you’re based.
Parental leave to support your family needs
Annual company-wide off-sites, team off-sites and regular team lunches and all-hands gatherings, with travel, lodging and meals covered
Flexible time off with no annual cap, company-wide holidays and an annual holiday shutdown from December 24–January 1 designed to support real rest and long-term sustainability.
Ambience Healthcare is an equal opportunity employer and is committed to building a diverse and inclusive workplace. We do not discriminate on the basis of race, color, religion, sex, gender identity or expression, sexual orientation, national origin, age, disability, veteran status, genetic information, or any other legally protected status. We encourage applicants from all backgrounds to apply.
Ambience is committed to supporting every candidate’s ability to fully participate in our hiring process. If you need any accommodations during your application or interviews, please reach out to our Recruiting team at accommodations@ambiencehealthcare.com. We’ll handle your request confidentially and work with you to ensure an accessible and equitable experience for all candidates.
Ambience Healthcare has become aware of scams targeting jobseekers with fake jobs and even interviewing people. Our emails will always come from @ambiencehealthcare.com. We would never our ask candidates to download apps or make any form of payment(s). If you are contacted through WhatsApp, Telegram, similar but fake email domains, or asked to make a payment, these contacts are not legitimate. Report the issue immediately to LinkedIn and the FBI.