Senior Software Engineer, Information Security

At Commure, our mission is to simplify healthcare. We have bold ambitions to reimagine the healthcare experience, setting a new standard for how care is delivered and experienced across the industry. Our growing suite of AI solutions spans ambient AI clinical documentation, provider copilots, autonomous coding, revenue cycle management and more — all designed for providers & administrators to focus on what matters most: providing care.

Healthcare is a $4.5 trillion industry with more than $500 billion spent annually on administrative costs, and Commure is at the heart of transforming it. We power over 500,000 clinicians across hundreds of care sites nationwide – more than $10 billion flows through our systems and we support over 100 million patient interactions. With new product launches on the horizon, expansion into additional care segments, and a bold vision to tackle healthcare's most pressing challenges, our ambition is to move from upstart innovator to the industry standard over the next few years.

Commure was recently named to Fortune’s Future 50 list for 2025 https://fortune.com/ranking/future-50/ and is backed by world-class investors including General Catalyst, Sequoia, Y Combinator, Lux, Human Capital, 8VC, Greenoaks Capital, Elad Gil, and more. Commure has achieved over 300% year-over-year growth for the past two years and this is only the beginning. Healthcare's moment for AI-powered transformation is here, and we're building the technology to power it. Come join us in shaping the future of healthcare.

ABOUT THE ROLE

We're hiring a Senior Software Engineer to architect scalable detection frameworks, integrate threat intelligence into automated security pipelines, and build AI-driven security operations at scale. You'll translate complex security requirements into production-grade software that protects our enterprise and cloud infrastructure — and you'll partner with red team, threat intel, and SOC engineers to move from signal to outcome.

WHAT YOU'LL DO

- Design high-fidelity detections and correlation logic in Splunk Enterprise Security and AWS OpenSearch — tuning for coverage and signal-to-noise.

- Build AI-powered detection tooling that ingests threat intel and recommends new use cases using ML and NLP techniques.

- Write production Python, Java, and Bash to automate workflows, build internal tooling, and integrate with cloud and third-party APIs.

- Engineer ETL pipelines for log ingestion, normalization, and routing across AWS, multi-cloud, and on-prem environments.

- Translate red team findings, threat hunts, and pentest results into durable detection improvements and control enhancements.

- Drive detection standards and reusable patterns across endpoint, network, identity, and cloud domains.

- Mentor engineers and analysts on detection methodology, secure software practices, and architecture.

WHAT YOU HAVE

- Bachelor's degree in Computer Science, Cybersecurity, or a closely related technical field (Master's a plus).

- 6+ years in software and/or security engineering, with 2+ years building detections on enterprise SIEMs (Splunk, OpenSearch, Securonix, or equivalent).

- 2+ years hands-on experience developing security automation or AI/ML-based security applications in Python, Java, or similar.

- Strong command of AWS (SageMaker, OpenSearch, Lambda, IAM), EDR platforms (CrowdStrike, Carbon Black), and modern identity tooling.

- Fluency with MITRE ATT&CK, NIST CSF, Zero Trust, and CIS Controls; comfort integrating STIX/TAXII and MISP feeds.

- Track record supporting compliance audits (SOC 2, FedRAMP, ISO 27001, HIPAA, or SOX) from a hands-on engineering seat.

NICE TO HAVE

- Splunk Certified Architect or Developer; CISSP, CEH, or GIAC GCED.

- Experience applying ML to anomaly detection, behavioral analytics, or security NLP.

- Background in healthcare, financial services, or other regulated industries.

- Enterprise vulnerability management experience — authenticated scanning, CVSS prioritization, automated reporting.

Commure is committed to creating and fostering a diverse team. We are open to all backgrounds and levels of experience, and believe that great people can always find a place. We are committed to providing reasonable accommodations to all applicants throughout the application process.

Please be aware that all official communication from us will come exclusively from email addresses ending in @getathelas.com http://getathelas.com, @commure.com http://commure.com or @augmedix.com http://augmedix.com. Any emails from other domains are not affiliated with our organization.

Employees will act in accordance with the organization’s information security policies, to include but not limited to protecting assets from unauthorized access, disclosure, modification, destruction or interference nor execute particular security processes or activities. Employees will report to the information security office any confirmed or potential events or other risks to the organization. Employees will be required to attest to these requirements upon hire and on an annual basis.