United States onlyPrimary Duties:
- Working cross functionally to design, build, and operate solutions that continuously improve and automate our security capabilities
- Leveraging data to understand trends, metrics, and opportunities to improve our security posture and then helping execute on those opportunities with stakeholders
- Leading and enhancing incident / issues response efforts, spearheading analysis, containment, and mitigation strategies in a cross-functional environment to ensure effective resolution and remediation of security incidents / issues
- Helping craft and refine security documentation pertinent to our Security Program, such as policies, standards, baselines, and standard operating procedures
Minimum Qualifications:
- BS / BTech (or higher) in Computer Science, Information Technology, Cybersecurity or a related field, 6 years domain experience without degree
- 6+ years combined experience in an enterprise environment (preferably cloud) in the relevant domain(s).
- 3+ years of experience in a dedicated application security role with focus on establishing secure SDLC and DevSecOps processes.
- 2+ years of experience acting as a trusted technical decision-maker in a team setting, solving for short-term and long term business value.
Preferred Knowledge, Skills, an/or Abilities:
- Application Security
- Knowledge of health-tech systems, like Electronic Health Records, Clinical data, PHI, etc, direct experience preferred..
- Experience architecting, developing, and deploying large-scale distributed systems at scale.
- Extensive experience identifying, evaluating and triaging vulnerabilities with Static/Dynamic Application Security Testing (SAST/DAST) methodologies and tools.
- Proven experience conducting code reviews, and threat modeling.
- Extensive experience with developing automated security testing and validation systems using Terraform, Cloudformation, Python, etc.
- Proficient in coding languages such as Python, R, C++, Javascript.
- Extensive experience working in AWS/Azure/GCP software development environment..
- Proven experience with implementing security controls for web-based SaaS applications such as API Security, WAF, etc.
- In-depth knowledge of AI/LLM and machine learning architectures and best practices for securing them.
- In-depth knowledge of OWASP Top 10 vulnerabilities along with containment and remediation best practices.
- Strong familiarity with server-side web technologies (eg: Java, Python, Scala, C#, C++, Go).
- 4+ years of experience acting as a trusted technical decision-maker in a team setting, solving for short-term and long-term business value
- Experience with health-tech systems, like Electronic Health Records, Clinical data, etc preferred.
What Does This Mean for You?At Aledade, you will be part of a creative culture that is driven by a passion for tackling complex issues with respect, open-mindedness and a desire to learn. You will collaborate with team members who bring a wide range of experiences, interests, backgrounds, beliefs and achievements to their work - and who are all united by a shared passion for public health and a commitment to the Aledade mission.
In addition to time off to support work-life balance and enjoyment, we offer the following comprehensive benefits package designed for the overall well-being of our team members:
Flexible work schedules and the ability to work remotely are available for many rolesHealth, dental and vision insurance paid up to 80% for employees, dependents and domestic partnersRobust time-off plan (21 days of PTO in your first year)Two paid volunteer days and 11 paid holidays12 weeks paid parental leave for all new parentsSix weeks paid sabbatical after six years of serviceEducational Assistant Program and Clinical Employee Reimbursement Program401(k) with up to 4% matchStock optionsAnd much more!
At Aledade, we don’t just accept differences, we celebrate them! We strive to attract, develop and retain highly qualified individuals representing the diverse communities where we live and work. Aledade is committed to creating a diverse environment and is proud to be an equal opportunity employer. Employment policies and decisions at Aledade are based on merit, qualifications, performance and business needs. All qualified candidates will receive consideration for employment without regard to age, race, color, national origin, gender (including pregnancy, childbirth or medical conditions related to pregnancy or childbirth), gender identity or expression, religion, physical or mental disability, medical condition, legally protected genetic information, marital status, veteran status, or sexual orientation.
Privacy Policy: By applying for this job, you agree to Aledade's Applicant Privacy Policy available at https://www.aledade.com/privacy-policy-applicants
