Security Architect

Security Architect

Enzo Health is a healthcare technology company transforming home health operations through purpose-built artificial intelligence. We deliver a secure, HIPAA-compliant AI platform that unifies intake, clinical documentation, coding, and quality assurance—enabling agencies to reclaim time and revenue while elevating patient care.

Enzo addresses the critical challenges facing home health agencies today: rising operational costs, clinician burnout, shrinking reimbursement margins, and increasing compliance demands. Our integrated AI solution automates documentation workflows from referral to final QA, allowing clinical staff to focus on delivering exceptional patient care.

Our Solutions

• Enzo Intake: Delivers intake decisions in seconds, automatically extracting key data from referrals to increase admissions and reduce processing delays.
• Enzo Scribe: Auto-generates OASIS documentation, clinical narratives, and care plans, reducing documentation time by up to 75%.
• Enzo QA: Ensures documentation meets the highest clinical standards with approximately 95% coding accuracy, reducing compliance risk while increasing reimbursement by an average of $185 per episode.

Our Impact

Trusted by top-performing home health agencies nationwide, Enzo delivers measurable results: documentation time under 25 minutes per visit, referral intake under 5 minutes, and 30-50% savings per episode of care. These efficiencies effectively double staff capacity while maintaining exceptional quality and compliance.

As reimbursement pressures intensify, Enzo Health empowers agencies to navigate cost-cutting measures without compromising care quality, positioning AI as the essential strategy for sustainable growth in home health.

About the role

We're looking for a hands-on Security Architect to design and build the systems that keep Enzo Health—and the protected health information we're entrusted with—safe at the speed AI is changing the threat landscape. Offensive tooling, AI-assisted fuzzing, and LLM-powered scanners have compressed time-to-exploit from weeks to hours. Closing that gap is the job.

This is a builder's role, not a policy role. You'll own the end-to-end security architecture of a HIPAA-regulated AI platform, design automated pipelines that discover, validate, and remediate vulnerabilities, and write the code that makes it real. You'll work directly with engineering leadership to shape both technical direction and security posture from the foundation up.

This is a full-time, in-office role at our Lehi, UT headquarters. Remote work is not available for this position.

What You'll Do

• Design and build automated security pipelines that operate at the speed of modern, AI-assisted adversaries
• Own the full vulnerability lifecycle: discovery → dynamic validation → automated remediation → verification
• Build exploit validation harnesses, LLM-powered remediation tooling, and PR-time security analysis into our CI/CD
• Threat-model our own systems, including AI-specific attack surfaces (prompt injection, model supply chain, agent abuse)
• Lead HIPAA, SOC 2, and emerging compliance programs as engineering work, not paperwork
• Partner with engineering on secure-by-default architecture: auth, secrets, data isolation, BAA chain, SSO/SCIM
• Establish detection, incident response, and observability for the security pipeline itself
• Write clean, maintainable code and set the bar for security practices across the engineering team
• Move quickly—balancing rigorous adversarial thinking with shipping working systems

Qualifications

• 7+ years in security engineering, application security, or security architecture, with a strong track record of shipping code
• Deep experience in at least one of: vulnerability research, red team / offensive security, or secure systems design
• Comfort building systems, not just auditing them—you've shipped tooling, not just findings
• Strong programming skills in Python, TypeScript/Node, Go, or Rust
• Experience securing cloud infrastructure (AWS preferred) and modern stacks: containers, IaC, managed databases, CI/CD
• Familiarity with HIPAA, SOC 2, HITRUST, or other regulated compliance environments
• Adversarial mindset—you reflexively threat-model your own designs and the systems around you
• Experience or strong interest in AI/ML security: prompt injection, model integrity, LLM-powered offense and defense
• Bias toward action and a strong sense of end-to-end ownership
• Able to work full-time, on-site in Lehi, UT (relocation considered for the right candidate)

Why This Role Matters

Enzo Health handles protected health information for some of the country's top home health agencies. The trust those agencies place in us is the foundation of everything we ship. As Security Architect, you'll define how we defend a fast-moving AI platform against a fast-moving threat landscape—building the systems, not just the policies, that keep our customers and their patients safe.

What We Offer

• Competitive salary and meaningful equity
• High ownership and the ability to shape the security function from day one
• Direct collaboration with founders and engineering leadership
• A fast-paced, product-driven engineering culture
• The opportunity to defend technology that meaningfully improves healthcare operations