About Pivotal Health

Pivotal Health is the leading technology platform that helps healthcare providers get paid fairly in an increasingly complex reimbursement landscape.

Today, many providers face persistent underpayment from health insurance companies, despite delivering high-quality care. While processes like IDR (Independent Dispute Resolution) were designed to promote fairness, they’re often administrative-heavy, time-consuming, and difficult to navigate without the right tools.

Pivotal Health combines software, data, and service into a seamlessly integrated, AI-driven platform that simplifies these complex reimbursement workflows. We help providers efficiently dispute underpaid claims, reduce administrative burden, and recover the reimbursement they’re entitled to; without adding more work to already stretched teams.

Our full-service IDR solution is just the starting point. We’re building solutions that enable providers to operate with clarity, control, and confidence across the reimbursement journey.

About the Role

As Pivotal’s first dedicated security hire, you will play a critical role in architecting and building our security program from the ground up. In addition to strengthening platform and infrastructure security, you will help establish the security roadmap, identify and prioritize protection of the company’s “crown jewels,” and embed a secure-by-design culture across engineering.

This role sits at the intersection of platform engineering, infrastructure, and security architecture. You’ll partner closely with engineering teams to design secure cloud systems, implement automated guardrails, and establish patterns that allow teams to move quickly without compromising security.

You’ll help define how security is embedded directly into the platform itself - shaping infrastructure design, networking boundaries, CI/CD workflows, and developer tooling so security scales naturally as the system grows.

You’ll also play a key role in maturing Pivotal’s security posture as we prepare for and maintain compliance while ensuring security practices evolve alongside the platform and the business.

This is a high-impact role with meaningful ownership. You’ll help shape the systems, practices, and architecture that protect the platform as Pivotal continues to scale.

You will also help translate regulatory requirements and evolving security risks into pragmatic engineering solutions that balance strong protection with developer velocity.

What You’ll Do

• Define and evolve Pivotal’s security architecture: Help shape the long-term security architecture of the platform, establishing patterns and guardrails that ensure infrastructure, networking, and services remain secure as the system scales.

• Build security directly into the platform: Design and implement automated controls, policies, and tooling that embed security into our infrastructure and engineering workflows rather than relying on manual review processes.

• Own infrastructure security and automation: Expand and strengthen Infrastructure as Code practices using Terraform to ensure infrastructure is provisioned securely, consistently, and auditable across environments. Where necessary, deploy and integrate security tooling that strengthens our detection, prevention, and response capabilities across the platform.

• Lead cloud and network security design: Design secure networking architectures including VPC configuration, private networking, firewall policies, and edge protections that safeguard internal systems and customer data. Over time, help extend security practices to any hybrid or on-premise infrastructure environments as the platform evolves.

• Secure development workflows and CI/CD systems: Establish best practices for secure build pipelines, dependency management, artifact integrity, and secure software delivery.

• Drive compliance readiness and regulatory maturity: Lead security initiatives required for frameworks such as SOC 2 and HIPAA, including control design, remediation work, audit preparation, and long-term security improvements.

• Translate compliance frameworks (SOC2, NIST, HIPAA) into actionable engineering tasks and automated controls that integrate smoothly with developer workflows.

• Act as a primary technical point of contact during audits and security reviews, confidently representing Pivotal’s security posture to auditors, partners, or customers when needed.

• Improve monitoring, detection, and operational visibility: Design systems that surface meaningful security signals across infrastructure and services, helping teams detect issues earlier and respond effectively.

• Reduce security toil through automation: Identify manual or repetitive security work and replace it with automated systems, tooling, and infrastructure improvements.

• Partner with engineering teams across the company: Operate as a technical partner to engineering teams, helping them design secure systems while preserving speed and developer experience. Serve as a “security champion” within the organization — collaborating with engineering and IT teams to identify vulnerabilities and work together on practical remediation solutions.

• Raise the bar for security engineering at Pivotal: Set technical direction, establish security standards, and mentor engineers as we continue to mature our platform and security posture. Develop guidelines and protocols for the responsible and secure use of emerging technologies, including AI and LLMs, within both our product and internal workflows.

Who You Are

• 8+ years of experience building and securing cloud infrastructure, platform systems, or developer tooling

• Strong experience designing and operating secure cloud-native systems (AWS or GCP; GCP preferred)

• Deep hands-on experience with Infrastructure as Code, particularly Terraform

• Strong understanding of cloud networking and secure architecture (VPCs, private networking, routing, firewall policies)

• Experience securing CI/CD pipelines and modern software delivery systems

• Experience implementing secrets management and security controls across cloud environments

• Experience contributing to or leading security and compliance audits (SOC 2, HIPAA, ISO, NIST, or similar)

• Strong engineering fundamentals with the ability to explain security architecture and tradeoffs clearly to technical teams

• Strong computer science or software engineering foundation with the ability to communicate effectively “engineer-to-engineer.”

• Familiarity with common security frameworks and principles such as the OWASP Top 10, OSI model, and modern cloud security practices.

• Experience participating in or supporting penetration testing, offensive security exercises, or vulnerability remediation efforts.

• You prefer pragmatic, custom-fit solutions over "buying your way out" of a problem with expensive, bloated enterprise tools.

• You are comfortable operating in a fast-moving environment where you may be both defining the strategy and executing hands-on technical work.

Extra Credit Experience

• Experience implementing code scanning or security testing tools (SAST, DAST, dependency scanning)

• Familiarity with endpoint security technologies such as EDR or MDR

• Experience with penetration testing methodologies or offensive security tooling

• Experience building or scaling security programs within early-stage or high-growth engineering organizations

Why You’ll Love Working Here

• Real ownership of security architecture: You’ll help define how security is implemented across the platform and influence critical infrastructure decisions as the company grows. You’ll also play a foundational role in establishing the company’s long-term security strategy as our first dedicated security leader.

• High-leverage technical leadership: This role has broad technical scope and the ability to shape security practices across engineering teams.

• Meaningful security challenges: You’ll work on real-world problems involving infrastructure security, compliance, system reliability, and secure architecture.

• High-trust engineering culture: We value thoughtful engineers who collaborate well, explain their reasoning clearly, and take ownership of important problems.

• Opportunity to build something foundational: You’ll help shape the systems and security practices that protect Pivotal and its customers as we continue to scale. You’ll have the opportunity to build and mature a security program that grows alongside the platform and the business.

Why You’ll Love Working Here

We’re a collaborative, low-ego team on a mission to make healthcare reimbursement fairer for providers. While we primarily hire around our core hubs–Los Angeles and New York–we remain open to exceptional talent outside those regions. Remote and hybrid flexibility varies by role and team, and is outlined in each job description.

If you’re excited by solving complex problems and making a real-world impact, we’d love to hear from you.

Benefits Include:

• Competitive compensation, including equity

• Full health, dental, and vision coverage

• Retirement savings plan through 401(k)

• Flexible time off

• Opportunities for company-wide connection and events

Ready to Make an Impact?
We’re building something meaningful; and we want you on the team.

Bring your ideas, curiosity, and drive, and let’s transform healthcare reimbursement together.

Employment Information

Work Authorization

Candidates must be authorized to work in the United States without current or future employer sponsorship.

Equal Employment Opportunity

Pivotal Health is an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We do not discriminate on the basis of race, color, religion, sex, gender identity or expression, sexual orientation, national origin, age, disability, veteran status, or any other legally protected status.

Reasonable Accommodations

Pivotal Health provides reasonable accommodations for qualified individuals with disabilities in accordance with applicable laws. If you need assistance during the application or interview process, please let us know.

Background Checks

Employment is contingent upon successful completion of applicable background checks, where permitted by law.

At-Will Employment

Employment with Pivotal Health is at-will and may be terminated by either party at any time, with or without cause or notice, in accordance with applicable law.