Summary
Join Aledade as a Senior Staff Security Engineer (Architect) and design, implement, and maintain security services supporting our business. This role demands expertise in application security, security tools, engineering environment setup, and data architecture. You will collaborate cross-functionally to secure our digital landscape. The position requires a strong background in application security, cloud-native environments, and security tools. You will leverage your coding skills and experience to architect secure data systems and improve our security posture. Aledade offers a comprehensive benefits package including flexible work arrangements, health insurance, paid time off, parental leave, and more.
Requirements
- BS/BTech (or higher) in Computer Science, Information Technology, Cybersecurity, or a related field, or 10 years of security domain experience without a degree
- 6+ years of experience in securing and deploying applications within Cloud Native environments
- 3+ years of experience in a dedicated application security role
- Extensive experience with security tools and methodologies
- Proficient in coding languages such as Python, R, C++, and JavaScript
- Strong familiarity with server-side web technologies (e.g., Java, Python, Scala, C#, C++, Go)
Responsibilities
- Design and deploy advanced security controls to safeguard applications
- Establish secure Software Development Life Cycle (SDLC) and DevSecOps processes
- Conduct code reviews, threat modeling, and vulnerability assessments using Static/Dynamic Application Security Testing (SAST/DAST) methodologies and tools
- Implement security controls for web-based SaaS applications, including API Security and Web Application Firewalls (WAF)
- Evaluate, deploy, and maintain a suite of security tools, including SIEM, IDS/IPS, DLP, endpoint protection, and threat intelligence platforms
- Integrate security tools into the organization's infrastructure, ensuring seamless interoperability
- Automate security processes and improve operational efficiency using scripting languages such as Python and PowerShell
- Work with IT, DevOps, and engineering teams to ensure secure deployment and operation of applications within Cloud Native environments (AWS, Azure, GCP)
- Develop automated security testing and validation systems using tools like Terraform and CloudFormation
- Shape security services strategy and execution across disciplines
- Architect and develop secure data systems, ensuring the protection of sensitive data such as Electronic Health Records (EHR) and Clinical data
- Implement and manage tools for continuous vulnerability scanning and patch management
- Leverage data to understand trends, metrics, and opportunities to improve security posture
Preferred Qualifications
- Knowledge of health-tech systems, including EHR and Clinical data
- Experience with AI/LLM and machine learning architectures
- In-depth knowledge of OWASP Top 10 vulnerabilities and best practices for containment and remediation
Benefits
- Flexible work schedules and the ability to work remotely are available for many roles
- Health, dental and vision insurance paid up to 80% for employees, dependents and domestic partners
- Robust time-off plan (21 days of PTO in your first year)
- Two paid volunteer days and 11 paid holidays
- 12 weeks paid parental leave for all new parents
- Six weeks paid sabbatical after six years of service
- Educational Assistant Program and Clinical Employee Reimbursement Program
- 401(k) with up to 4% match
- Stock options