Mandolin
Member of Technical Staff, DevSecOps / Infrastructure
Mandolin, San Francisco, California, United States, 94199
About Mandolin
Nearly every disease will become treatable in our lifetimes. Mandolin is laying the clinical and financial infrastructure to get groundbreaking treatments to patients faster, powered by AI agents.
Mandolin partners closely with the largest healthcare institutions in the US, covering more than $10B drug spend across the country. We're backed by Greylock, SV Angel, Maverick, SignalFire, and the founders of Vercel, Decagon, and Yahoo.
Why we need you
Mandolin's usage is climbing quickly and we're preparing for a broad public launch. The platform must deliver
enterprise-grade reliability, airtight security, and effortless developer productivity
while processing sensitive healthcare data. We're looking for a DevSecOps leader who can build and operate a rock-solid cloud foundation-then codify the best-practice guardrails that every engineer will rely on as we scale.
What you'll do Design & own cloud infrastructure on GCP.
Establish autoscaling policies, HA networking, and cost-efficient environments across staging and prod. Implement comprehensive security controls.
Centralize secrets management and rotation, define zero-trust IAM policies, and integrate continuous vulnerability scanning into CI/CD. Stand up first-class observability.
Deploy and maintain metrics, tracing, and log pipelines (Prometheus, Grafana, Cloud Logging, etc.), plus actionable SLOs and alerting. Streamline developer experience.
Provide dev-containers, local-env scripts, and clear runbooks that let new engineers ship safely on day one. Embed security into the SDLC.
Own IaC (Pulumi), automated compliance checks, and incident-response playbooks. Collaborate across teams.
Review architectural changes for security impact and partner with backend teams on scalability initiatives. Scale the function.
Optionally hire or mentor a junior engineer once the foundation is solid. Must-have experience 8 + years
building and securing production cloud infrastructure, with deep
GCP
knowledge (Cloud Run, Cloud Build, IAM). Expert with container orchestration and autoscaling strategies. Proven record deploying centralized secrets management and automated rotation. Ownership of observability stacks and incident-response pipelines. Strong application-security background (OWASP, API gateway/WAF, dependency & image scanning). Mastery of IaC (Terraform, Pulumi, or equivalent) and CI/CD (GitHub Actions, Cloud Build, GitLab CI, etc.). Comfortable operating in a fast, results oriented, and scaling startup environment. Nice-to-haves Experience with workflow orchestration platforms (Temporal, Cadence, Airflow). Prior work in HIPAA, SOC 2, or similarly regulated environments. Exposure to edge-security patterns (zero-trust networking, service-mesh, mTLS). Background building internal developer platforms or golden-path tooling.
Nearly every disease will become treatable in our lifetimes. Mandolin is laying the clinical and financial infrastructure to get groundbreaking treatments to patients faster, powered by AI agents.
Mandolin partners closely with the largest healthcare institutions in the US, covering more than $10B drug spend across the country. We're backed by Greylock, SV Angel, Maverick, SignalFire, and the founders of Vercel, Decagon, and Yahoo.
Why we need you
Mandolin's usage is climbing quickly and we're preparing for a broad public launch. The platform must deliver
enterprise-grade reliability, airtight security, and effortless developer productivity
while processing sensitive healthcare data. We're looking for a DevSecOps leader who can build and operate a rock-solid cloud foundation-then codify the best-practice guardrails that every engineer will rely on as we scale.
What you'll do Design & own cloud infrastructure on GCP.
Establish autoscaling policies, HA networking, and cost-efficient environments across staging and prod. Implement comprehensive security controls.
Centralize secrets management and rotation, define zero-trust IAM policies, and integrate continuous vulnerability scanning into CI/CD. Stand up first-class observability.
Deploy and maintain metrics, tracing, and log pipelines (Prometheus, Grafana, Cloud Logging, etc.), plus actionable SLOs and alerting. Streamline developer experience.
Provide dev-containers, local-env scripts, and clear runbooks that let new engineers ship safely on day one. Embed security into the SDLC.
Own IaC (Pulumi), automated compliance checks, and incident-response playbooks. Collaborate across teams.
Review architectural changes for security impact and partner with backend teams on scalability initiatives. Scale the function.
Optionally hire or mentor a junior engineer once the foundation is solid. Must-have experience 8 + years
building and securing production cloud infrastructure, with deep
GCP
knowledge (Cloud Run, Cloud Build, IAM). Expert with container orchestration and autoscaling strategies. Proven record deploying centralized secrets management and automated rotation. Ownership of observability stacks and incident-response pipelines. Strong application-security background (OWASP, API gateway/WAF, dependency & image scanning). Mastery of IaC (Terraform, Pulumi, or equivalent) and CI/CD (GitHub Actions, Cloud Build, GitLab CI, etc.). Comfortable operating in a fast, results oriented, and scaling startup environment. Nice-to-haves Experience with workflow orchestration platforms (Temporal, Cadence, Airflow). Prior work in HIPAA, SOC 2, or similarly regulated environments. Exposure to edge-security patterns (zero-trust networking, service-mesh, mTLS). Background building internal developer platforms or golden-path tooling.