Job Description

At Commure, our mission is to simplify healthcare. We have bold ambitions to reimagine the healthcare experience, setting a new standard for how care is delivered and experienced across the industry. Our growing suite of AI solutions spans ambient AI clinical documentation, provider copilots, autonomous coding, revenue cycle management and more -- all designed for providers & administrators to focus on what matters most: providing care.


Healthcare is a $4.5 trillion industry with more than $500 billion spent annually on administrative costs, and Commure is at the heart of transforming it. We power over 500,000 clinicians across hundreds of care sites nationwide - more than $10 billion flows through our systems and we support over 100 million patient interactions. With new product launches on the horizon, expansion into additional care segments, and a bold vision to tackle healthcare's most pressing challenges, our ambition is to move from upstart innovator to the industry standard over the next few years.


Commure was recently named to Fortune's Future 50 list for 2025 and is backed by world-class investors including General Catalyst, Sequoia, Y Combinator, Lux, Human Capital, 8VC, Greenoaks Capital, Elad Gil, and more. Commure has achieved over 300% year-over-year growth for the past two years and this is only the beginning. Healthcare's moment for AI-powered transformation is here, and we're building the technology to power it. Come join us in shaping the future of healthcare.

About the Role

------------------

We are seeking a

Security Platform Engineer

to lead the modernization of our security infrastructure. This hands-on role combines

security engineering, platform architecture, and AI/ML operations

, responsible for managing our existing multi-vendor security stack while designing and implementing its next-generation replacement.


You'll work across tools such as

Splunk, SumoLogic, Wiz, CrowdStrike, Okta, and Trustwave

, while architecting a

self-hosted ELK-based security platform

enhanced with

agentic AI for automation and intelligent threat response

. This is a unique opportunity to build the future of security operations--where scalability, automation, and intelligence converge.

Key Responsibilities

------------------------

Manage, integrate, and optimize the existing multi-vendor security ecosystem to ensure unified threat visibility and response. Architect, build, and operate a self-hosted

ELK-based SIEM platform

with advanced automation and AI-driven capabilities. Design and deploy

data ingestion pipelines

capable of processing large-scale log volumes (10TB+ daily). Develop

AI/ML models

for anomaly detection, automated triage, and predictive threat analysis. Drive platform migration strategy from commercial SIEMs to an in-house security platform with minimal disruption. Collaborate with Security Operations (SOC) and Engineering teams to define security monitoring standards, correlation rules, and incident response workflows. Lead automation initiatives to improve detection accuracy, reduce alert fatigue, and accelerate response times. Ensure alignment with compliance and data privacy frameworks (SOC 2, HIPAA, GDPR, PCI-DSS).

Required Technical Skills

-----------------------------

Security Platforms & Operations

5+ years of hands-on experience with

SIEM platforms

(Splunk, ELK, SumoLogic, or equivalent). Experience integrating

EDR/XDR

(CrowdStrike, SentinelOne) and

identity platforms

(Okta, Azure AD). Deep understanding of

incident response, log management, and threat hunting workflows

.

Infrastructure & Automation

Proven experience deploying and operating

ELK Stack

at enterprise scale. Strong expertise in

Terraform, Ansible, Docker, and Kubernetes

for automation and scalability. Proficiency in

Python

for scripting, automation, and data processing.

AI/ML & Data Engineering

Hands-on experience with

TensorFlow, PyTorch

, and

agentic AI frameworks

(LangChain, AutoGen). Knowledge of

Kafka/Kinesis

for stream processing and

vector databases

for AI-driven analytics. Experience designing high-throughput

data pipelines

and implementing

automated remediation workflows

.

Query & Programming Skills

Proficiency with

SPL, KQL

, and similar query languages. Familiarity with

Go, Rust, or Java

for performance-critical modules.

Qualifications & Experience

--------------------------------

Bachelor's degree in

Computer Science, Information Security, or related field

(Master's preferred). 5+ years of experience in

security engineering, platform engineering, or security operations

. Proven experience architecting or migrating large-scale security platforms. In-depth understanding of the

MITRE ATT&CK framework

, security analytics, and automation. Excellent documentation, presentation, and cross-functional collaboration skills.

Preferred:

Certifications such as

CISSP, GIAC, OSCP, or CISM

. Experience building or contributing to

AI-driven security platforms

. Prior experience in

regulated industries (e.g., healthcare, fintech)

.

The Ideal Candidate

-----------------------

You are a builder at heart who thrives on solving complex problems and scaling systems that protect enterprise environments. You balance

innovation with operational stability

, leverage

AI to automate intelligently

, and can communicate seamlessly across technical and executive teams.


Commure is committed to creating and fostering a diverse team. We are open to all backgrounds and levels of experience, and believe that great people can always find a place. We are committed to providing reasonable accommodations to all applicants throughout the application process.





Please be aware that all official communication from us will come exclusively from email addresses ending in

@

getathelas.com

,

@

commure.com

or

@

augmedix.com

. Any emails from other domains are not affiliated with our organization.





Employees will act in accordance with the organization's information security policies, to include but not limited to protecting assets from unauthorized access, disclosure, modification, destruction or interference nor execute particular security processes or activities. Employees will report to the information security office any confirmed or potential events or other risks to the organization. Employees will be required to attest to these requirements upon hire and on an annual basis.