About Us:

Here at Ambience, we never set out to be just another scribe. We’re building the AI intelligence platform that restores humanity to healthcare and drives meaningful ROI for health systems across the country.

Our technology helps providers focus on delivering great care by removing the administrative burden that pulls them away from patients and away from their most impactful work. Ambience delivers real-time coding-aware documentation and clinical workflow support across ambulatory, emergency and inpatient settings at the top health systems in North America.

Our teams operate relentlessly with extreme ownership to build the best solutions for our health system partners. We value candor, positivity and deep thought — and we expect a lot from each other because we know the problems we’re solving truly matter.

Ambience was ranked #1 for Improving the Clinician Experience in the KLAS Research Emerging Solutions Top 20 Report, recognized by Fast Company as one of the Next Big Things in Tech, named one of the best AI companies in healthcare by Inc., and selected as a LinkedIn Top Startup in 2024 and 2025. We’re backed by Oak HC/FT, Andreessen Horowitz (a16z), OpenAI Startup Fund, and Kleiner Perkins — and we’re just getting started.

The Role:

Ambience deploys clinical AI agents that operate in real time across the nation's largest health systems. When your product has autonomous access to infrastructure, credentials, and patient data at scale, detection and response isn't a support function, it's core to our business.

You'll be our first dedicated D&R hire. You'll build the detection engineering and incident response program from scratch in a HIPAA-regulated, AI-native environment where the threat surface includes LLM-powered agents operating across infrastructure. You'll write production code, architect security data pipelines, and define what good looks like for D&R at a company where the attack surface is genuinely novel and rapidly evolving.

Our engineering roles are hybrid in our SF office (3x/week).

What You’ll Own:

• Detection Engineering: Stand up a detection pipeline across our highest-risk surfaces: AWS, Kubernetes, Okta, endpoints, and SaaS tools. Author environment-tuned detections with a full rule lifecycle that produces high-signal alerting the on-call team actually trusts.

• Incident Response: Build the IR program end-to-end: playbooks, escalation paths, evidence collection, post-mortems. Procedures that are documented, rehearsed, and satisfy both operational and HIPAA needs.

• Security Tooling & Automation: Evaluate, deploy, and integrate the core D&R stack (SIEM, EDR, SOAR, cloud-native services). Build internal tooling and automation that reduces response time and toil. Use LLMs where they genuinely accelerate detection, triage, or investigation.

• Agent Security: Detect and respond to threats unique to clinical AI systems and agentic workflows: abnormal tool access, credential abuse, data exfiltration, and novel attack patterns that don't show up in traditional threat models.

Who You Are:

• 5+ years in detection engineering, incident response, or a closely related security engineering role

• Strong programming skills in Python, Go, or Rust. You ship production code and internal tooling, not just scripts

• Deep experience with AWS (or comparable cloud) and its native security services; comfortable operating in Kubernetes environments

• You've built or significantly matured a detection engineering program: authored detections, managed rule lifecycles, measured coverage and precision

• You think in terms of attacker tradecraft and can translate real-world intrusion patterns into detections that matter

• Solid fundamentals in networking, infrastructure security, and identity/access management

• You set priorities with risk and operational impact, not just coverage checklists

Bonus points if you've worked with LLMs or agent-based workflows to automate security operations, contributed to open-source security projects or published research, or built security programs at a startup where there was no playbook to follow.

Why Here:

This isn't a D&R role where you're tuning someone else's detections inside a mature SOC. You're building the function. You'll define what we detect, how we respond, and what tooling we invest in. Small team, high trust, direct access to leadership. The systems you build determine whether we can operate inside the most demanding health systems in the country.

Pay Transparency
We offer a base compensation range of approximately $200,000–$250,000 per year, along with meaningful equity. This intentionally broad range provides flexibility for candidates to tailor their cash and equity mix based on individual preferences. Our compensation philosophy prioritizes meaningful equity grants, enabling team members to share directly in the impact they help create. If your expectations fall outside of this range, we still encourage you to apply—our approach to compensation considers a range of factors to ensure alignment with each candidate's unique needs and preferences.

Life at Ambience

Working at Ambience means opting into a high-ownership, high-trust environment built for people who want to grow fast, operate decisively and focus on work that matters. This could be the right place for you if you want to

• Work on mission-critical AI technology that directly improves clinicians’ day-to-day lives and health system financial health across some of the most complex, high-stakes workflows in the world.

• Join a “dream team” culture where we hire exceptional people, expect exceptional outcomes and invest deeply in feedback and continuous growth. We operate as a championship team, and that means being ok with hard, uncomfortable, ambiguous problems that lead to real greatness.

• Operate with real ownership and accountability in an environment where there are no bystanders: If something is broken, we fix it! You will have meaningful autonomy and be expected to drive work to completion.

To help you do your best work, we pair these expectations with benefits intentionally designed to help you feel supported and safe at Ambience and beyond. Some of our key benefits include

• Comprehensive medical, dental, and vision coverage for you and your dependents

• 401(k) with a company match of up to 3% of base salary

• A remote-friendly culture (with a San Francisco HQ) and full equipment provisioning to ensure you can work effectively from wherever you’re based.

• Parental leave to support your family needs

• Annual company-wide off-sites, team off-sites and regular team lunches and all-hands gatherings, with travel, lodging and meals covered

• Flexible time off with no annual cap, company-wide holidays and an annual holiday shutdown from December 24–January 1 designed to support real rest and long-term sustainability.

Ambience Healthcare is an equal opportunity employer and is committed to building a diverse and inclusive workplace. We do not discriminate on the basis of race, color, religion, sex, gender identity or expression, sexual orientation, national origin, age, disability, veteran status, genetic information, or any other legally protected status. We encourage applicants from all backgrounds to apply.

Ambience is committed to supporting every candidate’s ability to fully participate in our hiring process. If you need any accommodations during your application or interviews, please reach out to our Recruiting team at accommodations@ambiencehealthcare.com. We’ll handle your request confidentially and work with you to ensure an accessible and equitable experience for all candidates.

Ambience Healthcare has become aware of scams targeting jobseekers with fake jobs and even interviewing people. Our emails will always come from @ambiencehealthcare.com. We would never our ask candidates to download apps or make any form of payment(s). If you are contacted through WhatsApp, Telegram, similar but fake email domains, or asked to make a payment, these contacts are not legitimate. Report the issue immediately to LinkedIn and the FBI.