AI Security Automation Engineer

Join us as we work to create a thriving ecosystem that delivers accessible, high-quality, and sustainable healthcare for all.

Employer work visa sponsorship and support are not provided for this role. Applicants must be currently authorized to work in the United States at hire and must maintain authorization to work in the United States throughout their employment with our company
Join our Security Engineering team as an AI Security Automation Engineer focused on embedding security into the SDLC and improving DevSecOps efficiency through automation, analytics, and AI-assisted tooling. You will partner with engineering, platform, and product teams to reduce risk, streamline security operations, and improve the developer experience by designing and operating scalable security automations. This is a remote role in the U.S., hybrid-eligible depending on team needs, and reports to the Security Engineering Manager.

About the Team

The Security Engineering team builds automation, tooling, and processes to protect applications, services, and the software supply chain across athenahealth. We operationalize application security (SAST/DAST/SCA), secrets management, and CI/CD controls, leveraging modern developer tools, cloud platforms (AWS/Azure), CI/CD pipelines, code repositories, and observability systems to deliver secure, scalable solutions that improve developer productivity and reduce operational risk.

Essential Responsibilities

• Integrate security controls and automated testing into delivery pipelines and SDLC workflows in partnership with engineering, platform, and product teams.
• Design, implement, and maintain automation for SAST, DAST (web and API), SCA, and secrets scanning to accelerate detection and remediation.
• Build pipeline-integrated security controls and orchestration in CI/CD systems (including Harness and related build/deploy workflows).
• Create and maintain automated triage workflows and integrations (IDE and server-side) to prioritize findings and drive standardized remediation playbooks.
• Tune analysis pipelines and security rules to reduce false positives and operational noise.
• Automate identification of affected assets and dependency impact across inventory sources and dependency graphs to speed critical vulnerability response.
• Produce and maintain runbooks, playbooks, and documentation for recurring findings, remediation steps, and operational processes.
• Support the security exception process: documentation, approvals, and lifecycle tracking.
• Evaluate and integrate AI-assisted security tools into workflows; assess output quality, document limitations, and define safe usage and review practices.
• Develop unit tests, demos, and user-facing documentation to validate security automations and demonstrate value to engineering teams.

Additional Responsibilities

• Participate in incident response and post-incident analysis to expand detection and automation coverage.
• Prototype and evaluate new security tooling or integration approaches to improve operational efficiency.
• Contribute to internal training and knowledge sharing on security automation best practices.
• Collaborate with cloud/infrastructure teams to ensure controls operate effectively in cloud environments.
• Support security assessments and audits by producing necessary artifacts and evidence.

Expected Qualifications

• Bachelor’s degree in Computer Science, Cybersecurity, Engineering, or equivalent practical experience.
• Strong knowledge of web and application security fundamentals (OWASP Top 10 and related risk models).
• Hands-on experience with SAST, DAST, SCA, or secrets scanning tools in production environments.
• Experience integrating security tooling into CI/CD and modern development workflows (pull requests, pipeline integrations).
• Proficiency in at least one automation language (Python, JavaScript/TypeScript, or similar) and experience writing unit tests for automation code.
• Practical experience with cloud platforms (AWS or Azure) and cloud security fundamentals (IAM, networking, logging/monitoring).
• Experience building CI/CD-integrated controls and automation; familiarity with Harness is a plus.
• Strong collaboration and communication skills; proven ability to work cross-functionally with engineering and platform teams.
• Experience producing runbooks, demos, and user documentation for technical audiences.

Preferred

• Experience with software supply chain security practices and relevant tooling.
• Background in agent-based or IDE integrations that assist or automate remediation workflows.
• Familiarity with observability and monitoring systems used to validate security automations.

Work Mode & Reporting (optional)

• Remote — U.S. (hybrid-eligible depending on team needs).
• Reports to Security Engineering Manager.
• May require occasional off-hours participation for incidents or major releases.

Expected Compensation

The base salary range shown reflects the full range for this role from minimum to maximum. At athenahealth, base pay depends on multiple factors, including job-related experience, relevant knowledge and skills, how your qualifications compare to others in similar roles, and geographical market rates. Base pay is only one part of our competitive Total Rewards package - depending on role eligibility, we offer both short and long-term incentives by way of an annual discretionary bonus plan, variable compensation plan, and equity plans.