Staff Software Engineer, Privacy
About The Position
Ambience Healthcare is the leading AI platform for documentation, coding, and clinical workflow, built to reduce administrative burden and protect revenue integrity at the point of care. Trusted by top health systems across North America, Ambience’s platform is live across outpatient, emergency, and inpatient settings, supporting more than 100 specialties with real-time, coding-aware documentation. The platform integrates directly with Epic, Oracle Cerner, athenahealth, and other major EHRs. Founded in 2020 by Mike Ng and Nikhil Buduma, Ambience is headquartered in San Francisco and backed by Oak HC/FT, Andreessen Horowitz (a16z), OpenAI Startup Fund, Kleiner Perkins, and other leading investors. Join us in the endeavor of accelerating the path to safe & useful clinical super intelligence by becoming part of our community of problem solvers, technologists, clinicians, and innovators. Ambience handles PHI for millions of patient encounters across the nation's leading health systems. That trust is earned through technical controls that actually work, not policies that live in a PDF. You'll own the systems that protect patient data: access control, audit logging, data retention, and the compliance infrastructure that lets us operate inside the most security-conscious health systems in the country. You'll design systems that enforce least-privilege access, build audit infrastructure that can withstand compliance scrutiny, and create data lifecycle pipelines that honor retention obligations automatically. Privacy engineering here isn't a checkbox exercise. It's what lets us sell and expand into demanding enterprise health systems. Our engineering roles are hybrid in our SF office (3x/week).
Requirements
- 7+ years in software engineering, 2+ focused on security, privacy, or compliance infrastructure
- Staff-level scope: owned cross-cutting initiatives, influenced technical direction across teams
- Strong backend fundamentals in Python, Go, TypeScript, or similar
- Built access control systems, audit infrastructure, or data lifecycle pipelines
- In SF, 3x/week in-person
Responsibilities
- Access Control & Authorization — Design and implement granular RBAC across our application. Enforce least-privilege policies, and build workflows requiring users to document why they're accessing specific PHI.
- Audit Logging & Compliance — Ensure comprehensive audit logs across all application touch points where PHI is accessed. Integrate with SIEM so logs are queryable and useful for real compliance investigations, not just checkbox compliance.
- Data Retention & De-identification — Build infrastructure supporting per-org retention configurations across all PHI artifact types: EHR chart data, transcripts, audio recordings, logs. Scale intelligent de-identification pipelines across multi-modal clinical data while preserving utility for downstream use cases.
Benefits
- An opportunity to work with cutting edge AI technology, on a product that dramatically improves the quality of life for healthcare providers and the quality of care they can provide to their patients
- Work alongside a world-class, diverse team that is deeply mission aligned
- Ownership over your success and the ability to significantly impact the growth of our company
- Competitive salary and equity compensation with benefits including health, dental, and vision coverage, quarterly retreats, unlimited PTO, and a 401(k) plan with matching
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
