Founding Security Reliability Engineer
Posted on September 26, 2025
About Charta Health
At Charta, we're pioneering a transformative approach to healthcare billing through generative AI. Our mission is to revolutionize healthcare billing, enabling medical billers and coders to operate 10x to 100x more efficiently, while reducing operational costs to just 2% of the standard expense.
Charta relieves healthcare providers from non-clinical operational complexities, allowing them to focus on patient care. Our solutions handle revenue cycle intricacies and ensure billing accuracy with robust security reliability engineering.
Our vision is to create a seamless, efficient, and cost-effective billing process that is indispensable but invisible, allowing healthcare providers to redirect resources towards patient-centric services with secure and continuously protected sensitive data.
About the Opportunity
We are seeking a Founding Security Reliability Engineer to design, implement, and maintain secure, scalable, and resilient infrastructure for our generative AI healthcare solutions. This role requires hands-on engineering of platform security architecture applying SRE principles to ensure robust security through automation, monitoring, threat mitigation, and incident response in a regulated healthcare environment.
What You'll Do
- Design and implement scalable, resilient, inherently secure cloud infrastructure and application architectures prioritizing security-by-design and resilience against attacks.
- Lead automation of security controls, provisioning, deployment, and operations using Terraform, Ansible, and CI/CD pipelines, embedding security best practices and automated security gates throughout the development lifecycle.
- Implement and manage cloud security best practices primarily on AWS, including network security, IAM, data encryption, secrets management, and secure configuration baselines.
- Partner with development teams for threat modeling, security code review, secure coding practices, integrating application security testing in CI/CD, and driving vulnerability remediation.
- Define and monitor security reliability metrics such as MTTD, MTTR, and vulnerability remediation SLAs. Design and lead incident response plans with swift containment, recovery, and post-incident analysis focused on improving system security and resilience.
- Oversee critical security systems and technologies like SIEM, CSPM, IDS/IPS, WAF, DLP, EDR, and secrets management solutions.
- Establish comprehensive monitoring, logging, and alerting for system health and critical security events with centralized logging for audit and forensics.
- Manage the vulnerability program, including scanning, penetration testing coordination, analysis, and remediation efforts across infrastructure and applications.
- Ensure compliance with healthcare security regulations and standards such as HIPAA, HITECH, HITRUST, SOC 2, CCPA/CPRA, and GDPR through engineered controls and automated validation.
- Collaborate across teams to embed security as a priority in business processes, projects, and development lifecycles. Serve as a security subject matter expert.
- Promote a security-first culture by delivering security awareness and secure coding training programs for employees.
- Plan strategically for future security needs by researching and integrating the latest security technologies, threats, and intelligence to maintain a strong defense posture.
You'd be a great fit if you have
- 4+ years of experience in Security Engineering, Application Security, Cloud Security, or DevSecOps, with at least 2 years in a leadership or foundational role, and experience applying SRE principles to solve security challenges and build resilient systems.
- Deep expertise in AWS cloud security, including secure configuration, network security, IAM, data encryption, and operationalizing security for AWS services such as EC2, S3, RDS, Lambda, EKS/ECS, VPC, CloudWatch, GuardDuty, Security Hub, WAF, KMS, and Secrets Manager.
- Strong fundamentals in application security, secure coding, and experience with security testing tools.
- Experience with container and orchestration security best practices and runtime protection.
- Experience with security operations tools like SIEM, EDR, IDS/IPS, and ability to build custom tools and integrate security via APIs.
- In-depth knowledge of security principles, architectures, network, application, cloud security, data protection, and cryptography.
- Understanding of healthcare compliance requirements such as HIPAA, HITECH, and HITRUST.
- Experience with security frameworks such as NIST CSF, ISO 27001, SOC 2, CIS Benchmarks, and MITRE ATT&CK.
- Strong analytical, problem-solving, and communication skills with ability to explain security risks and solutions effectively across teams.
- Bachelor's degree in Computer Science, Engineering, Information Security or equivalent practical experience.
What We Offer
- Competitive salary between $150,000 and $250,000 plus equity and comprehensive benefits including health, dental, vision, life insurance, and more.
- Team dinners and snacks in the office.
- Growth opportunities in a fast-paced, innovative tech startup.
- Access to professional development and cutting-edge AI and healthcare tools.
- Wellness and learning stipends for health and personal growth.
- Vibrant in-person work culture at headquarters in downtown San Francisco with required 5-day onsite presence.
Our Commitment to Diversity
We are an equal opportunity employer valuing diversity and do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
Contact Information
Interested candidates can contact us or send their résumé to [email protected] or [email protected].
How to Apply
To apply, please contact us by email at [email protected] or send your résumé to [email protected]. You can also apply directly via the provided "Apply Now" link on the job posting page.