At Commure, our mission is to simplify healthcare. We have bold ambitions to reimagine the healthcare experience, setting a new standard for how care is delivered and experienced across the industry. Our growing suite of AI solutions spans ambient AI clinical documentation, provider copilots, autonomous coding, revenue cycle management and more — all designed for providers & administrators to focus on what matters most: providing care.

Healthcare is a $4.5 trillion industry with more than $500 billion spent annually on administrative costs, and Commure is at the heart of transforming it. We power over 500,000 clinicians across hundreds of care sites nationwide – more than $10 billion flows through our systems and we support over 100 million patient interactions. With new product launches on the horizon, expansion into additional care segments, and a bold vision to tackle healthcare's most pressing challenges, our ambition is to move from upstart innovator to the industry standard over the next few years.

Commure was recently named to Fortune’s Future 50 list for 2025 and is backed by world-class investors including General Catalyst, Sequoia, Y Combinator, Lux, Human Capital, 8VC, Greenoaks Capital, Elad Gil, and more. Commure has achieved over 300% year-over-year growth for the past two years and this is only the beginning. Healthcare's moment for AI-powered transformation is here, and we're building the technology to power it. Come join us in shaping the future of healthcare.

About the job

We're seeking a Security Platform Engineer to architect and lead the transformation of our security operations infrastructure. This role sits at the intersection of security engineering, platform architecture, and AI/ML operations - you'll be responsible for both managing our current multi-vendor security stack AND building the next-generation platform that will replace it.

This is a build-the-plane-while-flying-it role. You'll integrate our existing platforms (Splunk, SumoLogic, Wiz, CrowdStrike, Okta, Trustwave) while simultaneously designing and implementing a self-hosted ELK-based security platform with agentic AI automation that will eventually supersede them.

Required Technical Skills

• 5+ years hands-on experience with enterprise SIEM platforms (Splunk, ELK, SumoLogic, or similar)

• Deep understanding of security operations workflows, incident response, and threat hunting

• Expert knowledge of log aggregation, parsing, normalization, and correlation at scale

• Experience integrating EDR/XDR platforms (CrowdStrike, SentinelOne, Carbon Black, etc.)

• Proficiency with identity platforms (Okta, Azure AD, Auth0) and SSO/SAML protocols

What You'll Do

Phase 1: Security Stack Integration & Optimization

Immediate Priorities:

• Orchestrate existing security platforms (Splunk, SumoLogic, Wiz, CrowdStrike, CyberReason, Okta, Trustwave) into a unified security operations framework

• Implement cross-platform correlation rules and automated response workflows

• Build unified dashboards and alerting infrastructure across all platforms

• Optimize data flows to reduce costs by 30-40% through smart routing and deduplication

• Establish baseline metrics for current security operations effectiveness

Key Deliverables:

• Integrated alert triage system consuming data from all security platforms

• Cross-platform incident response playbooks and automation

• Executive and SOC dashboards with unified security metrics

• Cost optimization roadmap showing 30-40% reduction path

• Documentation of current state architecture and data flows

Phase 2: Next-Gen Platform Architecture

Build the Future Platform:

• Design and implement self-hosted ELK stack (Elasticsearch, Logstash, Kibana) for security log aggregation and analysis

• Architect agentic AI layer for intelligent alert management, automated triage, and adaptive threat detection

• Build data ingestion pipelines supporting 10TB+ daily log volume from diverse sources (cloud, on-prem, SaaS, endpoints)

• Develop ML/AI models for anomaly detection, threat classification, and automated response

• Create migration strategy for gradual transition from commercial SIEM platforms

Key Deliverables:

• Production-grade ELK cluster with multi-region replication

• Agentic AI system for automated alert analysis and response

• Migration plan with risk assessment and rollback procedures

• Performance benchmarks showing cost and operational improvements

• Training programs for SOC team on new platform

Professional Background

• Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience)

• 5+ years total experience in security engineering, platform engineering, or related roles

• 3+ years experience as a security engineer or architect in a SOC/security operations environment

• Proven track record of building and scaling security platforms supporting 800 to 1000+ employee organizations

• Experience managing complex technical migrations with minimal business disruption

Why Join Us

• Opportunity to build a high-performing team in a fast-growing organization

• Dynamic and collaborative work culture

• Recognition for impact and speed in hiring results

• Competitive compensation and career growth opportunities

Commure is committed to creating and fostering a diverse team. We are open to all backgrounds and levels of experience, and believe that great people can always find a place. We are committed to providing reasonable accommodations to all applicants throughout the application process.

Please be aware that all official communication from us will come exclusively from email addresses ending in @getathelas.com, @commure.com or @augmedix.com. Any emails from other domains are not affiliated with our organization.

Employees will act in accordance with the organization’s information security policies, to include but not limited to protecting assets from unauthorized access, disclosure, modification, destruction or interference nor execute particular security processes or activities. Employees will report to the information security office any confirmed or potential events or other risks to the organization. Employees will be required to attest to these requirements upon hire and on an annual basis.