Metriport (YC S22) Is Hiring a Security Eng to Harden Healthcare Data Infra

The U.S. healthcare ecosystem is rapidly digitizing, with providers demanding real‑time access to patient information while navigating strict privacy regulations such as HIPAA and HITRUST. Platforms that can aggregate data from disparate EHR systems and deliver it securely have become essential infrastructure for value‑based care, telehealth, and population health analytics. Metriport, an open‑source data‑intelligence layer backed by Y Combinator’s S22 batch, already serves more than 100 customers and handles data for roughly 300 million individuals, positioning it as a critical conduit in this fragmented market.

To protect that scale, Metriport is adding a senior security engineer with six‑plus years of experience in cloud, compliance, and full‑stack security. The role will own end‑to‑end projects such as enterprise‑grade audit logging, fine‑grained RBAC, and secret‑management pipelines integrated into its AWS‑centric CI/CD flow. By embedding security into the development lifecycle and guiding the team through SOC 2, NIST, and HIPAA assessments, the hire will directly safeguard revenue‑critical contracts and reinforce the company’s multi‑million ARR trajectory.

The move reflects a broader trend where health‑tech firms are prioritizing security talent to meet escalating regulator and investor expectations. Competitive compensation—$160‑220 K plus equity—signals the scarcity of engineers who can navigate both technical and compliance complexities. As more providers adopt interoperable data platforms, firms that demonstrate robust, auditable security postures will capture larger market share and attract additional capital. Metriport’s aggressive hiring and founder‑driven culture suggest it aims to scale quickly while maintaining the trust required to handle nation‑wide patient data.