Lead Security Engineer

Job summary
Permanent contract (CDI)
Paris
Frequent remote work
Salary: Not specified
Skills & expertise
Cybersecurity knowledge
Continuous improvement
Cloud security
Communication
IT security

Nabla

The position

Job description

About Nabla

We are a team of entrepreneurs, clinicians and engineers committed to bringing back joy to the practice of medicine.

Together with a community of clinician innovators, we’ve harnessed the best of machine learning science to develop Nabla: the leading AI assistant that’s restoring the human connection at the heart of healthcare. By streamlining clinical documentation, Nabla is helping clinicians focus on what matters most - patient care. Today, over 85,000 clinicians across 130+ healthcare organizations trust Nabla to support how they deliver care every day.

We’re at the start of an ambitious journey: Ambient listening, dictation, coding, and command capabilities are all converging into a proactive assistant that intuitively streamlines clinical and financial workflows.

Backed by a recent $70M Series C, we’re hiring to build the next generation of clinical AI and improve the lives of clinicians and patients everywhere.

This is a great time to join us!

The best of AI at the service of healthcare

Nabla’s phenomenal traction is the result of 3 years of diligent product development.

Led by former Meta AI Research engineers, our team has consistently anticipated how AI can revolutionize healthcare delivery. Our Machine Learning team continually leverages the latest advancements to unlock AI’s full potential in healthcare.

Yann LeCun, Meta’s Chief AI Scientist and Turing award winner, is an advisor to Nabla.

Engineering at Nabla

Engineering at Nabla is lean, fast-moving, and deeply technical. Our teams span machine learning, native desktop applications, and platform infrastructure to deliver AI into clinical settings reliably and at scale.

We are looking for a hands-on lead security engineer to own the technical side of our security program. You’ll partner with our Head of Information Security and Head of IT to build and operate a best-in-class infrastructure and application security function. Our SaaS is fully hosted on Google Cloud and handles highly sensitive healthcare data, so security is core to everything we do.

This role is ideal for a senior security engineer or manager who wants to take ownership, and build a security engineering function from the ground up in a fast-scaling startup environment.

Your Team

You will report to the CTO and work closely with the Head of Security, Engineering Managers, and Operations. This is a high-trust, high-ownership role with broad cross-functional exposure.

What You’ll Do

Infrastructure Security

  • Harden our Google Cloud infrastructure (network, firewalls, proxies, IAM policies, service controls)

  • Deploy and manage web application firewalls, DDoS protection, intrusion detection / prevention systems

  • Ensure security architecture aligns with healthcare compliance requirements (HIPAA, SOC 2, ISO 27001, GDPR)

  • Assess and mitigate security risks related to AI workflows and sensitive data processing pipelines

Application Security

  • Define and enforce authentication & authorization strategies for customer-facing applications (OAuth, SAML/SCIM support, least privilege) in collaboration with IT for internal identity and SSO management

  • Integrate security into the SDLC: SAST, DAST, dependency scanning, IaC scanning, container scanning, and CI/CD pipeline hardening

  • Conduct threat modeling and security reviews for new features and system designs

  • Establish and maintain secure coding guidelines

  • Monitor vulnerabilities and track remediation

External Partnerships

  • Support relationships with pentesting firms, security assessors, and red-teaming partners

  • Operate vulnerability disclosure and bug bounty programs

  • Support incident response including forensic analysis

Security Operations (SecOps)

  • Select, deploy, and manage security tools (SIEM, SOAR, log aggregation) to efficiently detect, investigate, and respond to threats, in collaboration with IT for endpoint protection (EDR/MDM).

  • Build incident detection and response playbooks and continuously improve response capabilities

  • Monitor and triage security alerts, collaborating with engineering and IT on incident resolution

Data Protection

  • Ensure encryption at rest and in transit with secure key management (KMS, HSM)

  • Implement data minimization, tokenization, and pseudonymization strategies where appropriate

  • Maintain detailed audit trails and logging for sensitive data access, and implement data loss prevention (DLP) controls where applicable, in line with HIPAA/GDPR requirements

Cross-functional Collaboration & Culture

  • Partner with the Head of Information Security (compliance & governance) to align technical controls with SOC 2, ISO 27001, HIPAA, and GDPR requirements

  • Work with the Head of IT on endpoint security, vendor security, and access management

  • Foster a culture of secure development, running workshops and sharing best practices with engineering teams

Your DNA

  • 6–10+ years in security engineering roles (infrastructure, application, or cloud security)

  • Hands-on experience with Google Cloud security stack (IAM, VPC, Shielded VMs, Cloud Armor, etc.)

  • Proven track record deploying and managing modern security tools (EDR, SIEM, IDS/IPS, WAF)

  • Strong understanding of modern web application security (authN/authZ, OWASP Top 10, CSP, API security)

  • Experience with secure SDLC practices (CI/CD pipeline scanning, SAST, DAST, IaC security)

  • Excellent communicator able to work cross-functionally with engineering, compliance, and IT

  • Bonus: experience in regulated industries (healthcare, fintech, govtech)

Why Join Us

  • Security is mission-critical — you’ll have executive sponsorship and direct CTO partnership

  • Opportunity to build and shape the security engineering function from scratch

  • Work on meaningful challenges in healthcare, where protecting data is protecting lives

Where you’ll be based

Our offices are based in Paris 3e (Arts & Métiers).

Remote policy: Hybrid

Working Language: English

Benefits

Just like we’re dedicated to supporting doctors’ well-being, ensuring yours is a top priority. We firmly believe that by prioritizing your well-being, we support you to excel in your work.

Here are the benefits you get when joining Nabla:

  • Stock ownership

  • 100% healthcare coverage

  • Meal vouchers

  • Public transportation costs covered at 50%

  • Exercise class during the workday: Yoga, running, pilates, HIIT

  • Unlimited budget for book purchases, so you can continue to learn about IT, security, and leadership

  • Culture of trust & accountability — your output matters more than your clock-in time

Life at Nabla

When you become a part of our company, you join a team of excellence-driven, curious, and genuinely kind individuals. Together, we're committed to making clinicians' lives easier and improving healthcare experiences for everyone. We believe in a world where clinicians can focus on what they were trained to do - caring for their patients, and where no patient feels their visit was rushed.

We come to work excited to leverage AI to do more for clinicians. We’re obsessed with our users’ satisfaction and we actively seek out opportunities to engage one-on-one with clinicians to understand how Nabla can better help. We consistently look for ways to improve and do not shy away from doing the work to excel. Whether it’s a feature our users asked for, or a new article for our blog, we prioritize collaboration to deliver exceptional outcomes.

We love having fun as much as we love work. Our #nablabla channel is as active as our #feature-show-off channel, we exercise during the work day at least 3 times a week (yoga, running, pilates, or HIIT, your choice!), enjoy regular off-sites to gather the team, and travel to see each other in places like NY, Paris, San Francisco, and many other vibrant cities. Oh, and we’re constantly snacking on chocolate or nuts!

If this sounds like an environment you’ll thrive in, we look forward to reading your application!

Our Values at Nabla

Joining Nabla means being part of a team that shares a commitment to excellence, humility, growth, and inclusion.

Every day is a new chance to excel

We aim for nothing less than the best and are willing to put in the effort and dedication required to exceed standards. We learn from yesterday’s failures and do better every day.

Stay humble

There’s no place for ego in our team. Our collective success is more important than individual achievements. We see humility as wisdom — keeping focus on the bigger picture.

Feedback is a gift

We embrace feedback and foster a culture of trust and respect that helps everyone grow. We communicate openly about both achievements and challenges, and we actively involve each other in finding solutions.

Committed to diversity

We recognize the ongoing challenge of diversity in tech. Our responsibility starts with fostering an inclusive environment where everyone feels empowered to be their authentic selves and do their best work.

Diversity & Inclusion

Diversity and inclusivity are fundamental values at Nabla. We embrace individuals from various backgrounds, including race, gender, educational history, sexual orientation, and beyond.

As an equal opportunity employer, we actively seek out and welcome applicants from diverse backgrounds, believing that a wide range of perspectives enriches our team and enhances our ability to innovate and thrive.

Avoid recruitment scams: Stay safe and informed

There is an active employment scam that is using Nabla's name to collect personal information or carry out financial scams. If you’re contacted by a Nabla recruiter, please ensure whoever is contacting you truly represents Nabla and is using a nabla.com email address. We will never ask for the exchange of any money or credit card details during the recruitment process. Nabla uses a hiring platform for all applications; please be aware of any suspicious email activity from people who could be pretending to be recruiters or senior professionals at Nabla. You can find more information following this link.
Nabla does not accept unsolicited CVs from recruiters or employment agencies in response to the Nabla Careers page or a Nabla social media post. Any unsolicited CVs, including those submitted directly to hiring managers, are deemed to be the property of Nabla.
