Member of Technical Staff, Security

Mandolin

🌍 North America 🏠 Remote ⏱ Part-time 💼 Senior 🗓 2 weeks ago

ABOUT MANDOLIN

Nearly every disease will become treatable in our lifetimes. Mandolin is laying the clinical and financial infrastructure to get groundbreaking treatments to patients faster, powered by AI agents.

Mandolin partners closely with the largest healthcare institutions in the US, covering more than $10B in drug spend across the country. We're backed by Greylock, SV Angel, Maverick, SignalFire, and the founders of Vercel, Decagon, and Yahoo.

WHY WE NEED YOU

Mandolin’s usage is climbing quickly and we’re preparing for a broad public launch. The platform must deliver enterprise-grade reliability, airtight security, and effortless developer productivity while processing sensitive healthcare data. We’re looking for a DevSecOps leader who can build and operate a rock-solid cloud foundation—then codify the best-practice guardrails that every engineer will rely on as we scale.

THE ROLE

We’re looking for a senior security practitioner to own the security posture of our cloud infrastructure and software delivery lifecycle.

This isn't just a compliance checklist role; it's a builder's role.

You will design and support the zero-trust foundation, embed security tooling into our developer workflows, and lead proactive threat detection efforts while ensuring our platform on Public Cloud scales safely and efficiently.

WHAT YOU’LL DO

- Architect Zero-Trust Infrastructure on Public Cloud: Design and own resilient cloud infrastructure using Pulumi. Establish strict Zero Trust Networking (ZTN) principles and enforce service-to-service authentication with mTLS. Define autoscaling policies and HA networking for Kubernetes (GKE) and serverless workloads that balance security and cost efficiency.

- Lead Proactive Security & Threat Hunting: Go beyond scanning. Implement threat hunting strategies across our code repositories and CI/CD pipelines. Deploy, tune, and operationalize a SIEM to correlate events across cloud logs, Kubernetes audit trails, and application teleme...
