Manager, Enterprise Security

About The Position

Requirements

• Depth of Experience: 8+ years in enterprise security, identity security, corporate security, or adjacent security engineering domains, with at least 2+ years in a management or team-lead capacity
• Identity and Access Expertise: Strong hands-on depth in identity and access management, including SSO, OAuth/OIDC, SCIM, authentication protocols, access lifecycle management, and identity governance. You understand how to design and operate Zero Trust security architectures in modern enterprise environments
• Endpoint Security Proficiency: Experience designing and operating endpoint security programs at scale, including EDR, MDM, device compliance, and fleet management across macOS, Windows, and Linux
• Cloud and SaaS Fluency: Deep familiarity with securing cloud-native environments (GCP or AWS) and managing the security posture of a large, evolving SaaS estate. You understand the identity-centric nature of modern enterprise risk
• Engineering Mindset: Strong scripting and automation skills (Python, Go, or similar). You write clean, maintainable code and believe that manual processes are technical debt. Experience with infrastructure-as-code is a plus
• Cross-Functional Leadership: Demonstrated ability to partner with IT, HR, Legal, and Compliance to deliver security outcomes through influence, not mandates. You build tools and processes people actually enjoy using
• Communication and Executive Presence: Exceptional communicator who can translate complex security risks into clear business terms for audiences from engineers to executive leadership
• Pragmatic Execution: You have a bias for action and a knack for navigating ambiguity. You understand how to weigh security risks against business velocity, choosing solutions that empower employees while maintaining a strong security posture

Nice To Haves

• You have experience building or scaling an enterprise security function from 0 → 1 at a high-growth startup
• You have worked in a regulated industry such as healthcare, fintech, or life sciences and understand frameworks like HIPAA, SOC 2, or HITRUST
• You have experience applying Generative AI to enterprise security operations—whether for automating access reviews, triaging alerts, or scaling security awareness
• You are energized by enabling a fast-growing business to move quickly and securely, treating security as a platform service rather than a gate
• You participate in the security community via talks, papers, blogs, or open-source contributions

Responsibilities

• Own Enterprise Security Strategy: Define and drive the vision, roadmap, and execution of Abridge's enterprise security program—spanning identity, endpoint, SaaS, email, and corporate network security—ensuring capabilities scale with the organization
• Build and Lead the Team: Recruit, mentor, and develop a team of enterprise security engineers, setting the technical bar from day one and establishing engineering best practices that attract top talent
• Architect Identity and Access Management: Design, implement, and operate IAM and Zero Trust access controls, including SSO, MFA, authentication protocols, access lifecycle management, and identity governance across cloud and SaaS environments
• Secure the Endpoint Fleet: Own the strategy and tooling for endpoint detection and response (EDR), device management (MDM), and endpoint compliance, ensuring every device connecting to Abridge systems meets security standards
• Drive SaaS and Third-Party Security: Establish and operate programs for SaaS security posture management, shadow IT discovery, vendor security assessments, and third-party risk management to maintain control as the SaaS footprint grows
• Automate and Scale: Build production-grade automation for access reviews, onboarding/offboarding workflows, policy enforcement, and security operations—turning manual processes into reliable, code-driven systems
• Partner Cross-Functionally: Collaborate with IT, People, Legal, and Compliance teams to translate regulatory and business requirements into durable, automated technical controls that don't slow down the organization
• Lead Enterprise AI Security: Define and execute Abridge's strategy for securing corporate AI adoption end-to-end—from establishing governance frameworks and sanctioned tool inventories, to implementing technical controls around data loss prevention, prompt injection risks, and third-party AI vendor assessments—ensuring employees can leverage AI safely and at speed
• Define Build vs. Buy: Evaluate and select enterprise security tooling, making pragmatic build-vs-buy decisions that maximize coverage while minimizing complexity

Benefits

• Generous Time Off: 14 paid holidays, flexible PTO for salaried employees, and accrued time off for hourly employees
• Comprehensive Health Plans: Medical, Dental, and Vision coverage for all full-time employees and their families.
• Generous HSA Contribution: If you choose a High Deductible Health Plan, Abridge makes monthly contributions to your HSA.
• Paid Parental Leave: Generous paid parental leave for all full-time employees.
• Family Forming Benefits: Resources and financial support to help you build your family.
• 401(k) Matching: Contribution matching to help invest in your future.
• Personal Device Allowance: Tax free funds for personal device usage.
• Pre-tax Benefits: Access to Flexible Spending Accounts (FSA) and Commuter Benefits.
• Lifestyle Wallet: Monthly contributions for fitness, professional development, coworking, and more.
• Mental Health Support: Dedicated access to therapy and coaching to help you reach your goals.
• Sabbatical Leave: Paid Sabbatical Leave after 5 years of employment.
• Compensation and Equity: Competitive compensation and equity grants for full time employees.
• ... and much more!