Director of Product Security

Abridge

SF Office Hybrid
$306,000 - $360,000
Full-time

Job Description

Join Abridge as Director of Product Security: Secure the Future of Healthcare AI

Abridge is on a mission to revolutionize healthcare by powering deeper understanding through AI. Our platform transforms patient-clinician conversations into structured clinical notes in real time, enhancing clinical documentation and enabling clinicians to focus on patient care. As pioneers in generative AI for healthcare, we're setting industry standards for responsible AI deployment. We're seeking a passionate and experienced Director of Product Security to lead our security efforts and safeguard our innovative solutions.

If you're a strategic thinker with a proven track record in building and leading high-performing security teams, and you're excited about the prospect of securing cutting-edge AI technology in the healthcare space, we want to hear from you!

What You'll Do: Architecting Security for the AI-Powered Healthcare Revolution

Strategic Leadership & Security as a Business:
Define and drive the long-term Product Security strategy, aligning with Abridge's business goals and technological advancements.
Own the creation and execution of the Product Security roadmap, including security features, SDLC enhancements, threat modeling initiatives, and risk reduction milestones.
Manage the Product Security budget, forecasting security tool expenditures, vendor contracts, and personnel resource allocation.
Define, track, and report on key performance indicators (KPIs) and security metrics to measure program effectiveness and provide data-driven insights to leadership.
Conduct ROI analysis of security investments and lead time/cost-reduction efforts, translating complex security risks into clear business terms.

People & Program Leadership:
Lead and mentor a growing team of Security Engineers and Analysts, providing career development, mentorship, and performance feedback.
Define and execute on security goals in a hypergrowth AI company, focusing on enabling secure AI development and deployment globally.
Actively participate in and be a thought leader in the security industry through conference talks, publications, and forums.

Cloud Security (CloudSec) and Infrastructure:
Define the security architecture and strategy for our multi-cloud environments (GCP, AWS, Azure, etc.).
Lead the implementation of security controls for containerized applications, with a deep focus on securing Kubernetes clusters, including network policies and secrets management.
Implement security guardrails within Infrastructure as Code (e.g., Terraform) to ensure secure cloud resource provisioning.

Application Security (AppSec) & Secure SDLC:
Partner with Engineering and Product leadership to embed security processes into the Software Development Lifecycle (SDLC).
Develop and oversee secure coding practices, security architecture reviews, and static/dynamic code analysis across all applications.
Direct the vulnerability management and penetration testing programs, ensuring comprehensive coverage and rapid remediation of findings.

Data Security, AI/ML Model Security, & Cryptography:
Lead the data security program, focusing on protection, encryption, and access controls for sensitive patient data (PII, PHI, AI models, etc.).
Establish security engineering practices for our AI/ML models and pipeline, including model integrity, adversarial attack prevention, model red-teaming, and securing agentic AI.

What You'll Bring: Your Arsenal of Skills and Experience

Experience: 10+ years of progressive experience in security, with a minimum of 10 years leading security teams, programs, or large-scale initiatives in a senior leadership capacity.
Business Acumen: Demonstrated experience running security as a business unit, including budget management, strategic forecasting, and translating technical risk into business impact (ROI).
Engineering Proficiency: Proficiency at an engineering level in at least one general-purpose programming language. Experience with Python and/or NextJS is a significant plus.
Cloud Expertise: Deep technical expertise in securing at least one major cloud platform (GCP, AWS, or Azure) and demonstrable experience with modern cloud security principles and tools.
Containerization: Mandatory expertise in securing container orchestration technologies, specifically Kubernetes.
Industry Knowledge: Proven experience securing products (enterprise SaaS, cloud environments) handling highly sensitive data, such as Protected Health Information (PHI), with specific knowledge of NIST 800-53 / 800-171, FedRAMP, HIPAA, NIS2 and other relevant security and privacy regulations and frameworks.
Communication: Exceptional communication and presentation skills, with the ability to convey complex security issues and technical risks to both technical and non-technical audiences, including executives, customers, government agencies, and board members.

Why Abridge? Join a Team Making a Real Difference

At Abridge, you'll be more than just an employee – you'll be a vital part of a team transforming healthcare through the power of AI. We offer:
Impact: Be at the forefront of securing generative AI in healthcare, directly impacting patient care and clinical efficiency.
Growth: Thrive in a fast-paced, high-growth startup environment where your contributions are valued and your potential is limitless.
Culture: Collaborate with a team of brilliant minds – MDs, AI scientists, PhDs, and engineers – in a supportive and inclusive environment.
Innovation: Work on cutting-edge technology and contribute to setting industry standards for responsible AI deployment.

How We Take Care of Abridgers:
Generous Time Off: 14 paid holidays, flexible PTO for salaried employees, and accrued time off for hourly employees.
Comprehensive Health Plans: Medical, Dental, and Vision coverage for all full-time employees and their families.
Generous HSA Contribution: If you choose a High Deductible Health Plan, Abridge makes monthly contributions to your HSA.
Paid Parental Leave: Generous paid parental leave for all full-time employees.
Family Forming Benefits: Resources and financial support to help you build your family.
401(k) Matching: Contribution matching to help invest in your future.
Personal Device Allowance: Tax-free funds for personal device usage.
Pre-tax Benefits: Access to Flexible Spending Accounts (FSA) and Commuter Benefits.
Lifestyle Wallet: Monthly contributions for fitness, professional development, coworking, and more.
Mental Health Support: Dedicated access to therapy and coaching to help you reach your goals.
Sabbatical Leave: Paid Sabbatical Leave after 5 years of employment.
Compensation and Equity: Competitive compensation and equity grants for full-time employees.
... and much more!

Ready to secure the future of healthcare AI? Apply now and join the Abridge team!

Abridge is an equal opportunity employer and considers all qualified applicants equally without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, or disability.

Staying safe - Protect yourself from recruitment fraud
We are aware of individuals and entities fraudulently representing themselves as Abridge recruiters and/or hiring managers. Abridge will never ask for financial information or payment, or for personal information such as bank account number or social security number during the job application or interview process. Any emails from the Abridge recruiting team will come from an @abridge.com email address. You can learn more about how to protect yourself from these types of fraud by referring to this article. Please exercise caution and cease communications if something feels suspicious about your interactions.