Senior Security Engineer I

Summary

Join Aledade as a Senior Security Engineer I and play a key role in securing our enterprise, cloud-native environments, and applications. You will focus on GRC, ensuring compliance, managing risk, and protecting patient data. Leverage data to improve security posture and collaborate with stakeholders. Lead risk management efforts, including third-party risk management. Contribute to security documentation and refine our security program. This role requires strong technical skills and experience in GRC, risk management, and security compliance. Aledade offers a comprehensive benefits package including flexible work schedules, remote work options, health insurance, paid time off, parental leave, and more.

Requirements

• Hold a Bachelor's (or higher) degree in Computer Science, Information Technology, Cybersecurity or a related field, or have 6 years of security domain experience without a degree
• Have 4+ years of combined experience as a GRC specialist in an enterprise environment (preferably cloud) across multiple disciplines
• Have 3+ years of relevant work experience in risk reporting, developing & collecting metrics, and working on audits/assessments
• Have 2+ years of experience in performing third party risk management activities

Responsibilities

• Work cross-functionally to measure & report on risk, achieve & maintain compliance, manage assessments/audits, and contribute to security GRC strategy & advisory efforts
• Leverage data to understand trends, metrics, and opportunities to improve our security posture and then help execute on those opportunities with stakeholders
• Lead and enhance risk management efforts, spearhead qualitative risk assessments & quantitative risk analysis, be responsible for third party risk management (TPRM), participate in Customer Trust and be involved in mitigation strategies in a cross-functional environment to ensure effective resolution and remediation of security risks / issues
• Help craft and refine security documentation pertinent to our Security Program, such as policies, standards, baselines, and standard operating procedures

Preferred Qualifications

• Hold security specific and/or related certifications (e.g. CISSP, CISA, CRISC, CDPSE, CIPP, GIAC, AWS certifications)
• Have knowledge of security frameworks, controls, regulations and industry best practices (e.g. NIST, ISO, SOX ITGC, HIPAA, HICP, CCPA/CPRA)
• Have experience in participating in and leading security GRC projects for a dynamic organization with demonstrated project management skills and driving accountability for meeting deliverables within established timelines
• Have significant familiarity with metrics (e.g. KRI, KPI, OKR) to measure security team service and program effectiveness & consistency
• Have experience implementing, refining and managing the utilization of GRC solutions and related technology tools/software
• Have knowledge & experience in risk quantification (e.g. FAIR) and associated reporting
• Possess a solid understanding of enterprise security technology, appliances, and tools
• Have experience with health-tech systems, like Electronic Health Records, Clinical data, etc
• Have knowledge of security technology and relevant security risks, controls, and vulnerabilities
• Possess a collaborative work style, ability to develop and maintain effective working relationships both internal and external to the organization
• Have experience facilitating meetings with high level, cross-functional teams
• Possess exceptional verbal, written and interpersonal communication skills

Benefits

• Flexible work schedules and the ability to work remotely are available for many roles
• Health, dental and vision insurance paid up to 80% for employees, dependents, and domestic partners
• Robust time off plan: 21 days of PTO in your first year, 2 Paid Volunteer Days & 11 paid holidays
• 12 weeks paid Parental Leave for all new parents
• 6 weeks paid sabbatical after 6 years of service
• Educational Assistant Program & Clinical Employee Reimbursement Program
• 401(K) with up to 4% match
• Stock options