Staff Application Security Engineer, Remote

at  Aledade

The Staff Security Engineer for Application Security will be responsible for designing, implementing, and maintaining security services that support our business. You will understand data and automation are important ingredients to our mission and know how to actively employ these ingredients at scale. Beyond the technical expertise, we value individuals who can partner cross-functionally across various teams, driving impactful outcomes and further securing our digital landscape.

MINIMUM QUALIFICATIONS:

• BS/BTech (or higher) in Computer Science, Information Technology, Cybersecurity or a related field, 10 years security domain experience without degree.
• 8+ years of experience in securing and deploying applications within Cloud Native environments.
• 5+ years of experience in a dedicated application security role with focus on establishing secure SDLC and DevSecOps processes.

PREFERRED QUALIFICATIONS:

• Experience architecting, developing, and deploying large-scale distributed systems at scale.
• Extensive experience identifying, evaluating and triaging vulnerabilities with Static/Dynamic Application Security Testing (SAST/DAST) methodologies and tools.
• Proven experience conducting code reviews, and threat modeling.
• Extensive experience with developing automated security testing and validation systems using Terraform, Cloudformation, Python, etc.
• Proficient in coding languages such as Python, R, C++, Javascript.
• Extensive experience working in AWS/Azure/GCP software development environment..
• Proven experience with implementing security controls for web-based SaaS applications such as API Security, WAF, etc.
• In-depth knowledge of AI/LLM and machine learning architectures and best practices for securing them.
• In-depth knowledge of OWASP Top 10 vulnerabilities along with containment and remediation best practices.
• Strong familiarity with server-side web technologies (eg: Java, Python, Scala, C#, C++, Go).
• 4+ years of experience acting as a trusted technical decision-maker in a team setting, solving for short-term and long-term business value.
• Experience with health-tech systems, like Electronic Health Records, Clinical data, etc preferred.

WHO WE ARE:

Aledade, a public benefit corporation, exists to empower the most transformational part of our health care landscape - independent primary care. We were founded in 2014, and since then, we’ve become the largest network of independent primary care in the country - helping practices, health centers and clinics deliver better care to their patients and thrive in value-based care. Additionally, by creating value-based contracts across a wide variety of payers, we aim to flip the script on the traditional fee-for-service model. Our work strengthens continuity of care, aligns incentives, and ensures primary care physicians are paid for what they do best - keeping patients healthy. If you want to help create a health care system that is good for patients, good for practices and good for society - and if you’re eager to join a collaborative, inclusive and remote-first culture - you’ve come to the right place.

• Lead the development, implementation, and ongoing maintenance of comprehensive security strategies and solutions.
• Design and deploy advanced security controls to safeguards networks, systems, and applications.
• Work across disciplines to shape our security services strategy and execution.
• Mentor and galvanize new engineers to do their best work.
• Set and uphold the standard for security processes to support high-quality engineering.