Staff Application Security Engineer - abridge

Key Responsibilities

• Architect and enforce secure coding standards across the AI‑driven clinical documentation platform.
• Conduct threat modeling, risk assessments, and penetration tests for new features and third‑party integrations.
• Collaborate with DevOps to embed security controls into CI/CD pipelines and cloud infrastructure (AWS).
• Lead security incident response, vulnerability triage, and remediation across the application stack.
• Educate engineering teams on secure design patterns, OWASP Top 10, and emerging security threats in healthcare AI.

Requirements

• 10+ years of experience in application security, with a proven track record in large‑scale SaaS environments.
• Deep knowledge of secure software development life cycle, threat modeling, and OWASP guidelines.
• Hands‑on expertise in penetration testing tools (Burp Suite, OWASP ZAP) and cloud security (AWS IAM, VPC, Secrets Manager).
• Strong communication skills to translate complex security concepts to technical and non‑technical stakeholders.
• Experience with AI/ML product security and compliance in regulated healthcare settings is a plus.