About Us

Hippocratic AI has developed a safety-focused Large Language Model (LLM) for healthcare. The company believes that a safe LLM can dramatically improve healthcare accessibility and health outcomes in the world by bringing deep healthcare expertise to every human. No other technology has the potential to have this level of global impact on health.

Why Join Our Team

• Innovative Mission: We are developing a safe, healthcare-focused large language model (LLM) designed to revolutionize health outcomes on a global scale.

• Visionary Leadership: Hippocratic AI was co-founded by CEO Munjal Shah, alongside a group of physicians, hospital administrators, healthcare professionals, and artificial intelligence researchers from leading institutions, including El Camino Health, Johns Hopkins, Stanford, Microsoft, Google, and NVIDIA.

• Strategic Investors: We have raised a total of $278 million in funding, backed by top investors such as Andreessen Horowitz, General Catalyst, Kleiner Perkins, NVIDIA’s NVentures, Premji Invest, SV Angel, and six health systems.

• World-Class Team: Our team is composed of leading experts in healthcare and artificial intelligence, ensuring our technology is safe, effective, and capable of delivering meaningful improvements to healthcare delivery and outcomes.

For more information, visit www.HippocraticAI.com.

We value in-person teamwork and believe the best ideas happen together. Our team is expected to be in the office five days a week in Palo Alto, CA, unless explicitly noted otherwise in the job description.

About the Role

As Head of Security Operations at Hippocratic AI, you will lead the operational security architecture across infrastructure, product, data, and clinical-use contexts. You will ensure readiness for incidents, continuous monitoring, threat detection and response, and embed operational security into our healthcare-AI lifecycle. You will be responsible for defining strategy, managing teams, tools, and processes, and aligning with regulatory, privac,y and governance demands unique to healthcare AI. This position reports to the CISO.

What You'll Do:

• Develop and own the security operations strategy: define missions, objectives, KPIs, service levels, and a road-map for detection, response, monitoring, and operations.

• Build, lead, and scale the security operations team: SOC/SecOps analysts, threat hunters, response engineers; define roles, hiring, training, and leadership.

• Oversee real-time security monitoring, detection, triage, investigation, and containment of incidents across cloud, infrastructure, product, clinical data pipelines, and end-user interfaces.

• Perform tabletop and DR/BR scenarios

• Define incident response playbooks, run-books, escalation paths, crisis communication, post-mortem mechanics, and lessons-learned cycles specific to regulated health-AI contexts.

• Manage security tooling and architecture for operations: SIEM, SOAR, threat intel platforms, cloud-native logging/alerting, automation of response.

• Embed security operations practices into product and engineering life cycles: collaborate with product security, devops, data science, and clinical operations to integrate detection/response capabilities.

• Work with GRC to establish vendor/third-party risk monitoring for security operations: ensure that outsourced services, clinical-data vendors, and cloud providers meet operational security expectations.

• Maintain readiness for audits, compliance, and regulatory demands (HIPAA-adjacent, healthcare data, AI-governance) as operations scale.

• Liaise with other functional leads (GRC, privacy, product, legal) to ensure alignment of security operations with governance and compliance frameworks.

What You Bring

• You have a proven track record (10+ years) leading or heavily involved in security operations in a technology or SaaS environment, ideally with regulated data (healthcare, life sciences, or similarly regulated).

• You are comfortable operating in ambiguity and high-stakes contexts, making decisions under pressure and prioritizing response.

• You have experience in incident response and understand the communication chain and evidence collection process

• You understand multiple clouds (AWS, GCP, etc), containers, data-platform threat surfaces, and can translate technical risk into business-impact language.

• You can build and run metrics-driven security operations, define processes and workflows, and move from reactive to proactive/resilient models.

• You can communicate effectively with senior leadership and cross-functional stakeholders.

• You hold yourself accountable for operational excellence and continuous improvement of security posture.

Must-Have:

• Bachelor’s degree (or equivalent experience) in computer science, cybersecurity, engineering, or similar.

• 10+ years in security operations, incident response, or security engineering roles; 3+ years in a leadership role.

• Deep experience with security monitoring/detection tools (SIEM, SOAR, EDR/XDR), cloud security operations (AWS, GCP, Azure), threat hunting,and incident response.

• Proven success in establishing or scaling SOC/SecOps functions.

• Strong understanding of security operations metrics, incident lifecycle, root-cause analysis, and remediation.

• Familiarity with regulatory/compliance environments tied to healthcare or data-sensitive industries.

Nice-to-Haves:

• Certifications such as CISSP, CISM, GIAC (GCIA, GCIH), or equivalent.

• Experience specifically in SaaS, healthcare, or clinical data security operations.

• Experience in AI/ML-centric organizations or securing AI/ML pipelines.

• Experience building remote/distributed security teams.

• Prior experience with compliance frameworks is a plus (HIPAA, HITRUST, ISO 27001, SOC2).

***Be aware of recruitment scams impersonating Hippocratic AI. All recruiting communication will come from @hippocraticai.com email addresses. We will never request payment or sensitive personal information during the hiring process. If anything