Ambience Healthcare’s AI technology for scribing, coding, and patient summaries has been deployed at health systems such as Cleveland Clinic, UCSF, St. Luke’s Health System, John Muir Health, and…
Ambience Healthcare’s AI technology for scribing, coding, and patient summaries has been deployed at health systems such as Cleveland Clinic, UCSF, St. Luke’s Health System, John Muir Health, and…
Product: Ambient AI platform for clinical documentation, coding, CDI, and workflow automation
EHR integrations: Epic, Cerner (Oracle), athenahealth
Notable customers: Cleveland Clinic, UCSF, St. Luke's Health System, John Muir Health, Memorial Hermann
Total disclosed funding (evidence): Approximately $100M after Feb 2024 Series B
Company Overview
Problem Domain
Clinical documentation burden, coding accuracy, CDI, and clinical workflow inefficiencies in healthcare systems.
Founded
2020
Industry
Hospitals and Health Care
Funding Track Record
Series B- February 6, 2024
70,000,000
Round reported to bring total disclosed funding to about $100M
Investor Signal
“Backed by institutional investors including Oak HC/FT, Andreessen Horowitz (a16z), Kleiner Perkins, OpenAI Startup Fund, and Optum Ventures”
Founders
What we do
Join the Team
Threat Detection Engineer
On-SiteSan Francisco Bay Area, US
On-Site • San Francisco Bay Area, US
Related Companies
Company
HQ
Industry
Total Funding
Supio
🇺🇸US
Data and AnalyticsDeepTechInformation TechnologyLegalSales and MarketingSoftware
-
Freed
🇺🇸US
Data and AnalyticsDeepTechHealthInformation TechnologySoftware
-
Stealth Startup
🇺🇸US
Lending and InvestmentsSoftware
-
Nooks
🇺🇸US
Data and AnalyticsDeepTechInformation TechnologySales and MarketingSoftware
$70M
RadiantGraph
🇺🇸US
HealthInformation TechnologySoftware
-
Who you are
5+ years in detection engineering, incident response, or a closely related security engineering role
Strong programming skills in Python, Go, or Rust. You ship production code and internal tooling, not just scripts
Deep experience with AWS (or comparable cloud) and its native security services; comfortable operating in Kubernetes environments
You've built or significantly matured a detection engineering program: authored detections, managed rule lifecycles, measured coverage and precision
You think in terms of attacker tradecraft and can translate real-world intrusion patterns into detections that matter
Solid fundamentals in networking, infrastructure security, and identity/access management
You set priorities with risk and operational impact, not just coverage checklists
Bonus points if you've worked with LLMs or agent-based workflows to automate security operations, contributed to open-source security projects or published research, or built security programs at a startup where there was no playbook to follow
What the job involves
Startup jobs. A lot of them.
Your next opportunity is in here somewhere. Sign up to explore 52,000+ startups and their open roles. No spam. No gamification. Just jobs.
52,000+
Startups
65,000+
Open Roles
1,500+
New This Week
Software Engineer
Full-timeBerlin, DE
Full-time • Berlin, DE
Machine Learning Engineer
Full-timeNovi Sad, RS
Full-time • Novi Sad, RS
DevOps Engineer
Full-timeLondon, GB
Full-time • London, GB
Technical Writer
ContractHaifa
Contract • Haifa
Data Scientist
Full-timeManchester, GB
Full-time • Manchester, GB
Product Designer
InternshipUtrecht, NL
Internship • Utrecht, NL
Ambience deploys clinical AI agents that operate in real time across the nation's largest health systems
When your product has autonomous access to infrastructure, credentials, and patient data at scale, detection and response isn't a support function, it's core to our business
You'll be our first dedicated D&R hire. You'll build the detection engineering and incident response program from scratch in a HIPAA-regulated, AI-native environment where the threat surface includes LLM-powered agents operating across infrastructure
You'll write production code, architect security data pipelines, and define what good looks like for D&R at a company where the attack surface is genuinely novel and rapidly evolving
Detection Engineering: Stand up a detection pipeline across our highest-risk surfaces: AWS, Kubernetes, Okta, endpoints, and SaaS tools. Author environment-tuned detections with a full rule lifecycle that produces high-signal alerting the on-call team actually trusts
Incident Response: Build the IR program end-to-end: playbooks, escalation paths, evidence collection, post-mortems. Procedures that are documented, rehearsed, and satisfy both operational and HIPAA needs
Security Tooling & Automation: Evaluate, deploy, and integrate the core D&R stack (SIEM, EDR, SOAR, cloud-native services). Build internal tooling and automation that reduces response time and toil. Use LLMs where they genuinely accelerate detection, triage, or investigation
Agent Security: Detect and respond to threats unique to clinical AI systems and agentic workflows: abnormal tool access, credential abuse, data exfiltration, and novel attack patterns that don't show up in traditional threat models
This isn't a D&R role where you're tuning someone else's detections inside a mature SOC. You're building the function. You'll define what we detect, how we respond, and what tooling we invest in. Small team, high trust, direct access to leadership. The systems you build determine whether we can operate inside the most demanding health systems in the country
