Senior Security Engineer

Job description

Join Our Mission to Revolutionize Healthcare

Thoughtful is pioneering a new approach to automation for all healthcare providers! Our AI-powered Revenue Cycle Automation platform enables the healthcare industry to automate and improve its core business operations.

We’re hiring a Senior Security Engineer to secure and scale our stack. You’ll own platform security, system reliability, audit readiness, and integration strategy across cloud and hybrid environments.

You’ll take ownership of system reliability, security posture, audit readiness, and help guide our long-term integration strategy across cloud and legacy environments.

We’re unifying cloud-native and legacy systems into a secure, high-availability platform that powers AI-driven automation across healthcare.

You’ll lead foundational work in infrastructure hardening, audit controls, and production observability, directly supporting mission-critical AI agents.

You’ll have executive support and budget to modernize everything from our VPN tunnels to our alerting stack.

What You’ll Own:

• Integration Strategy: Lead infrastructure and tooling decisions as we unify multiple environments into a single, scalable platform.
• Audit Readiness: Own and drive SOC 2 Type II and HITRUST prep, working across engineering, compliance, and security.
• System Reliability: Ensure uptime, scalability, and fault tolerance across services. Set and enforce SLAs.
• On-Call Infrastructure: Stand up our alerting, escalation, and incident response systems.
• Observability: Improve logging, metrics, and dashboards using tools like HyperDX.
• Infrastructure Provisioning: Spin up and manage production-grade infrastructure using OpenTofu/Terraform.
• Security & Networking: Architect infrastructure with security best practices, including VPNs, IPsec tunnels, and hybrid network topologies.

Your Qualifications:

• 8+ years of experience spanning Security, DevOps, and/or SRE roles in high-availability, cloud and hybrid environments—with a strong track record of leading integrations, hardening infrastructure, and ensuring audit/compliance readiness.
• Start-up mentality - desire to tackle ambiguous scope of work and willing to do whatever is necessary to drive the company/mission forward.
• Track record leading complex infrastructure integrations
• Deep AWS expertise; strong experience with Azure and/or GCP a bonus
• Proficiency in OpenTofu or Terraform for Infrastructure-as-Code
• Comfortable navigating hybrid cloud environments (e.g. EKS, legacy VMs, VPN tunnels)
• Solid Kubernetes experience (Knative experience a plus)
• Strong networking fundamentals and experience with on-prem systems
• Familiar with incident tooling (PagerDuty, Opsgenie) and setting SLOs/SLAs
• Personable and cross-functional: able to build rapport with stakeholders across engineering, compliance, and executive leadership
• Security-first mindset, with an eye for compliance and audit readiness
• Proficiency in SOC2 Type 2, HITRUST preparation.
• Comfortable spinning up new infrastructure as needed

What Sets You Apart:

• You’ve integrated cutting edge cloud environments with customer’s legacy environments
• You’ve built platforms, not just maintained them
• You treat DevOps as a product, not just a support function
• You care about developer experience, observability, and operational excellence

Why Thoughtful?

• Competitive compensation
• Equity participation: Employee Stock Options.
• Health benefits: Comprehensive medical, dental, and vision insurance.
• Time off: Generous leave policies and paid company holidays.

California Salary Range

$170,000—$220,000 USD