Manager, Enterprise Security
About the role
The Enterprise Security Manager will be responsible for defining and executing Abridge's enterprise security strategy, building and leading a high-performing team, and architecting identity and access management, endpoint security, and SaaS security programs. This is a greenfield opportunity to architect the way forward for Enterprise Security at Abridge.
Responsibilities
Own Enterprise Security Strategy: Define and drive the vision, roadmap, and execution of Abridge's enterprise security program—spanning identity, endpoint, SaaS, email, and corporate network security—ensuring capabilities scale with the organization.
Build and Lead the Team: Recruit, mentor, and develop a team of enterprise security engineers, setting the technical bar from day one and establishing engineering best practices that attract top talent.
Architect Identity and Access Management: Design, implement, and operate IAM and Zero Trust access controls, including SSO, MFA, authentication protocols, access lifecycle management, and identity governance across cloud and SaaS environments.
Secure the Endpoint Fleet: Own the strategy and tooling for endpoint detection and response (EDR), device management (MDM), and endpoint compliance, ensuring every device connecting to Abridge systems meets security standards.
Drive SaaS and Third-Party Security: Establish and operate programs for SaaS security posture management, shadow IT discovery, vendor security assessments, and third-party risk management to maintain control as the SaaS footprint grows.
Automate and Scale: Build production-grade automation for access reviews, onboarding/offboarding workflows, policy enforcement, and security operations—turning manual processes into reliable, code-driven systems.
Partner Cross-Functionally: Collaborate with IT, People, Legal, and Compliance teams to translate regulatory and business requirements into durable, automated technical controls that don't slow down the organization.
Lead Enterprise AI Security: Define and execute Abridge's strategy for securing corporate AI adoption end-to-end—from establishing governance frameworks and sanctioned tool inventories, to implementing technical controls around data loss prevention, prompt injection risks, and third-party AI vendor assessments—ensuring employees can leverage AI safely and at speed.
Define Build vs. Buy: Evaluate and select enterprise security tooling, making pragmatic build-vs-buy decisions that maximize coverage while minimizing complexity.
Requirements
8+ years of experience in enterprise security, identity security, corporate security, or adjacent security engineering domains, with at least 2+ years in a management or team-lead capacity.
Strong hands-on depth in identity and access management, including SSO, OAuth/OIDC, SCIM, authentication protocols, access lifecycle management, and identity governance. Experience with Zero Trust security architectures in modern enterprise environments.
Experience designing and operating endpoint security programs at scale, including EDR, MDM, device compliance, and fleet management across macOS, Windows, and Linux.
Deep familiarity with securing cloud-native environments (GCP or AWS) and managing the security posture of a large, evolving SaaS estate.
Strong scripting and automation skills (Python, Go, or similar). Experience with infrastructure-as-code is a plus.
Demonstrated ability to partner with IT, HR, Legal, and Compliance to deliver security outcomes through influence, not mandates.
Exceptional communicator who can translate complex security risks into clear business terms for audiences from engineers to executive leadership.
Bias for action and a knack for navigating ambiguity. Ability to weigh security risks against business velocity, choosing solutions that empower employees while maintaining a strong security posture.
Qualifications
Master's degree in Computer Science, Information Security, or related field.
CISSP, CISM, or equivalent certifications preferred.
Skills
Hands-on experience with identity and access management (IAM) and Zero Trust security architectures.
Experience with endpoint detection and response (EDR) and device management (MDM).
Familiarity with cloud-native environments (GCP or AWS).
Strong scripting and automation skills (Python, Go, or similar).
Experience with infrastructure-as-code.
Excellent cross-functional collaboration and communication skills.
Ability to balance security and business velocity.
Benefits
At Abridge, we offer a comprehensive benefits package including:
Generous Time Off: 14 paid holidays, flexible PTO for salaried employees, and accrued time off for hourly employees.
Comprehensive Health Plans: Medical, Dental, and Vision coverage for all full-time employees and their families. Generous HSA Contribution.
Paid Parental Leave: Generous paid parental leave for all full-time employees.
Family Forming Benefits: Resources and financial support to help you build your family.
401(k) Matching: Contribution matching to help invest in your future.
Personal Device Allowance: Tax-free funds for personal device usage.
Pre-tax Benefits: Access to Flexible Spending Accounts (FSA) and Commuter Benefits.
Lifestyle Wallet: Monthly contributions for fitness, professional development, coworking, and more.
Mental Health Support: Dedicated access to therapy and coaching to help you reach your goals.
Sabbatical Leave: Paid Sabbatical Leave after 5 years of employment.
Compensation and Equity: Competitive compensation and equity grants for full-time employees.
Pay
$218K - $256K
Schedule
This is a hybrid role with a minimum of 3 days / week (MWF) in our San Francisco office.