Senior IT Systems Engineer

About Abridge

Abridge was founded in 2018 with the mission of powering deeper understanding in healthcare. Our AI-powered platform was purpose-built for medical conversations, improving clinical documentation efficiencies while enabling clinicians to focus on what matters most—their patients.

Our enterprise-grade technology transforms patient‑clinician conversations into structured clinical notes in real‑time, with deep EMR integrations. Powered by Linked Evidence and our purpose‑built, auditable AI, we are the only company that maps AI‑generated summaries to ground truth, helping providers quickly trust and verify the output. As pioneers in generative AI for healthcare, we are setting the industry standards for the responsible deployment of AI across health systems.

We are a growing team of practicing MDs, AI scientists, PhDs, creatives, technologists, and engineers working together to empower people and make care make more sense. We have offices located in the Mission District in San Francisco, the SoHo neighborhood of New York, and East Liberty in Pittsburgh.

As a Senior IT Systems Engineer, you will own the design, deployment, and operational reliability of Abridge's corporate infrastructure and endpoint ecosystem. This includes managing and hardening the device fleet, maintaining cloud and network infrastructure, and ensuring that all systems meet the rigorous configuration and compliance standards required of a healthcare AI company operating under SOC 2 and HIPAA frameworks. You will work closely with the Security team, IT leadership, and cross‑functional stakeholders to maintain a resilient, scalable, and audit‑ready infrastructure posture.

• Endpoint Management: Own the full lifecycle of corporate endpoints, macOS, iOS, and Linux, including imaging, configuration management, patch enforcement, and compliance remediation using MDM platforms (JAMF, Fleet, or equivalent).
• Infrastructure Operations: Manage and maintain cloud infrastructure components (GCP, AWS, and/or Azure) supporting corporate IT, including identity federation, network segmentation, and access controls.
• Security & Compliance Hardening: Implement and enforce CIS benchmarks, endpoint security baselines, and configuration standards aligned with SOC 2 Trust Service Criteria and HIPAA technical safeguards.
• Identity & Access Management: Administer and maintain SSO, MFA, and directory services (Okta, Google Workspace, or equivalent); support access provisioning and deprovisioning workflows.
• Asset & Configuration Management: Maintain an accurate CMDB and asset inventory; enforce configuration‑as‑code practices where applicable.
• Cross-functional Collaboration: Partner with Security, Engineering, and IT Automation peers to evaluate new tooling, respond to audit requests, and drive continuous improvement of the infrastructure posture.

• Experience: 5–8 years in IT Systems Engineering, Corporate Infrastructure, or a closely related discipline within an enterprise environment.
• Endpoint Expertise: Deep hands‑on experience managing macOS fleets at scale using MDM platforms; iOS and Linux experience a plus.
• Cloud Infrastructure: Working knowledge of at least one major cloud platform (GCP, AWS, or Azure) in a corporate IT context, IAM, networking, logging, and access controls.
• Identity & Access Management: Strong understanding of SSO (SAML/OIDC), MFA enforcement, SCIM provisioning, and directory services administration.
• Security & Compliance: Practical experience implementing technical controls aligned to SOC 2, HIPAA, or equivalent frameworks; familiarity with audit evidence collection.
• Scripting & Automation: Proficiency in Bash, Python, or equivalent scripting for system administration and operational automation tasks.
• Problem Solving: Ability to independently diagnose and resolve complex infrastructure and endpoint issues in a fast‑moving environment.

• Experience with Fleet for open‑source device management and osquery‑based visibility.
• Familiarity with IaC tooling (Terraform) for infrastructure configuration management.
• Exposure to SIEM platforms and endpoint detection and response (EDR) tooling.
• Ex…