United States onlyJoin us as we work to create a thriving ecosystem that delivers accessible, high-quality, and sustainable healthcare for all.
Lead Software Security Engineer
We are looking for a Lead Security Engineer to help increase the security capabilities of our teams. You will work closely with scrum teams, product managers, and engineering leadership to improve the quality and adoption of athena’s Security Development Lifecycle practices. But enough about us; let’s talk about you!
You are a curious problem solver with a passion for security. You love improving the quality and adoption of Security Development Lifecycle practices and you thrive working in technical leadership roles with a high degree of independence.
The Team: Join a collaborative group that solves new and interesting application security problems at scale. Use your security, engineering, and communication skills to make a difference with the company that allows medical professionals to focus on what they do best - treat patients.
Job Responsibilities
Responsible for socializing and driving the execution of key security best practices across the R&D organization
Contribute to enterprise security catalog of best practices, techniques and patterns to enable secure implementation of features in products/product families
Ensure organization effective use of application security tools (SAST, DAST, SCA, APIactive testing), including them into unified pipeline where relevant with the goal to prevent vulnerabilities from being introduced into the product features during the development lifecycle
Identify and explain feature level design or architectural weaknesses which could result in security issues
Partner with key stakeholders including enterprise security leadership to track and prioritize open issues and follow up on resolution
Work with key stakeholders like DevOps, Infrastructure, et al to build security hardened tech stacks that are used for development and production
Document, share, and help automate coverage for common abuse cases and attacks
Typical Qualifications
Bachelor's degree in Computer Science, Computer Engineering, Cyber Security or similar or equivalent experience
At least 3 years experience as a software developer and 3-5 years in a security focused development role in an agile development environment
Experience in software and product design and architecture, product security, security issue prevention and mitigation strategies
Strong knowledge of programming languages - Java, JavaScript (NodeJS), C#, Perl, Python, etc. In addition to the ability to understand code we need a demonstrated capability to understand security bugs in it.
Practical experience with Docker and Terraform
Knowledge of key security technologies like OAuth, SAML, etc.
Solid understanding of the web services world including RESTful services, Service Bus architectures, JSON etc
Experience with Static and Dynamic Code Analysis tools like Veracode, CheckMarx, AppSpider, HP Fortify, HP WebInspect, IBM AppScan, Coverity etc.
Current knowledge of HIPAA, HITRUST, PCI-DSS requirements
About athenahealth
Here’s ourvision: To create a thriving ecosystem that delivers accessible, high-quality, and sustainable healthcare for all.
What’s unique about our locations?
From an historic, 19thcentury arsenal to a converted, landmark power plant,allofathenahealth’s offices were carefully chosen to represent our innovative spirit and promote the most positive and productive work environment for our teams. Our10offices across the United States and India —plus numerous remote employees —all work to modernize the healthcare experience, together.
Our company culture might be our best feature.
We don't take ourselves too seriously. But our work? That’s another story.athenahealth develops andimplements products and services that support US healthcare: It’sour chance to create healthier futures for ourselves, for our family and friends, for everyone.
Our vibrant and talented employees — orathenistas, as we call ourselves — spark the innovation and passion needed to accomplishour goal. We continue to expand our workforce with amazing people who bring diverse backgrounds, experiences, and perspectives at every level, and foster an environment where every athenista feels comfortable bringing theirbestselves to work.
Our size makes a difference, too: We are small enoughthatyourindividual contributionswill stand out— butlarge enoughto grow your career with ourresources and established business stability.
Giving back is integral to our culture. OurathenaGivesplatform strives tosupport food security, expand access to high-quality healthcare for all, and support STEM education to develop providers and technologists who will provide access to high-quality healthcare for all in the future. As part of the evolution of athenahealth’sCorporate Social Responsibility(CSR)program, we’ve selected nonprofit partners that align with our purpose and let us foster long-term partnerships for charitable giving, employee volunteerism, insight sharing, collaboration, and cross-team engagement.
What can we do for you?
Along with health and financial benefits,athenistasenjoy perks specific to eachlocation, including commuter support, employee assistance programs, tuition assistance,employeeresource groups, and collaborative workspaces — some offices even welcome dogs.
In addition to our traditional benefits and perks, we sponsor events throughout the year, includingbook clubs, external speakers, and hackathons. And weprovideathenistaswithacompany culturebased onlearning,the support of anengaged team,andan inclusive environment where all employees are valued.
We alsoencourage a better work-life balance forathenistaswith our flexibility. Whilewe know in-office collaboration is critical to our vision, we recognize that not all work needs to be done within an office environment, full-time. With consistent communication and digital collaboration tools, athenahealth enables employees to find a balance that feels fulfilling and productive for each individual situation.
athenahealth is committed to a policy of equal employment opportunity—that’s why we recruit and hire applicants without regard to race, color, religion, sex (including pregnancy), national origin, disability, age, sexual orientation, veteran status, genetic information, gender identity, gender expression, or any other factor prohibited by law. We’re happy to provide a reasonable accommodation, for those with a disability, to complete any part of the application process. If you are unable to access or use this online application process and need an alternative method for applying, please contact us at taoperations@athenahealth.com for assistance.
https://www.athenahealth.com/careers/equal-opportunity
