DevOps & Security Engineer - AI-Native Healthcare SaaS

DevOps & Security Engineer - AI-Native Healthcare SaaS

About the Company

Zenara Health is a mental healthcare organization driven by technology, aiming to improve the accessibility and quality of mental wellness services. By integrating AI-driven platforms with professional clinical care, we deliver personalized and effective mental health solutions, creating a smooth digital experience for both patients and providers. We operate as a startup, distinct from a mere department.

Why This Role Exists

This position serves as the company's foremost line of defense. You will operate under the assumption that systems are constantly under threat, crafting infrastructure that is resilient, auditable, and inherently secure. You will be the most risk-aware individual in the startup — and that’s exactly what we require. While others concentrate on feature rollout, you will prioritize the security of patient data, regulatory compliance, and system integrity.

About the Role

If your understanding of DevOps is limited to "I occasionally execute kubectl apply," this position is likely not for you. This role is not suited for those who prioritize speed over safety or view security as an afterthought to be addressed later. At Zenara, safeguarding patient data and maintaining system integrity takes precedence over rapid deployment. Our team is in the process of developing a platform that manages clinical data, operates AI workflows, and processes insurance billing — all within a HIPAA-regulated environment catering to real psychiatric practices. Our infrastructure is operational; however, we lack an individual who will take ownership with a security-first perspective. We currently do not have a dedicated CI/CD owner, a comprehensive security posture, or monitoring that extends beyond simple uptime checks. If HIPAA auditors were to arrive tomorrow, we could withstand the scrutiny — but it wouldn’t be a pleasant experience. You will be responsible for Zenara’s infrastructure, security posture, and compliance engineering — everything from the ground up. This includes:

• CI/CD pipelines
• HIPAA-compliant deployment automation
• Monitoring and alerting systems
• Cybersecurity measures and threat defense
• Access controls
• Audit logging — the complete spectrum of "essential elements that ensure the safe operation of a healthcare company."

However, your role will go beyond mere maintenance. You will also develop infrastructure for our AI platform, encompassing model serving, scaling AI workloads, and supporting production AI pipelines.