Description:

The Senior Security Engineer II for Application Security will be responsible for designing, implementing, and maintaining security services that support the business.
This role emphasizes the importance of data and automation in achieving security goals at scale.
The position requires collaboration across various teams to drive impactful outcomes and enhance the security of the digital landscape.
Primary duties include working cross-functionally to design, build, and operate solutions that improve and automate security capabilities.
The engineer will leverage data to identify trends and opportunities for improving security posture and execute on these opportunities with stakeholders.
The role involves leading incident response efforts, including analysis, containment, and mitigation strategies in a cross-functional environment.
The engineer will help craft and refine security documentation relevant to the Security Program, such as policies, standards, and operating procedures.
Mentoring and coaching junior engineers or analysts is also a key responsibility.

Requirements:

A BS/BTech (or higher) in Computer Science, Information Technology, Cybersecurity, or a related field is required, or 10 years of security domain experience without a degree.
Candidates must have at least 6 years of experience in securing and deploying applications within Cloud Native environments.
A minimum of 3 years of experience in a dedicated application security role focusing on secure SDLC and DevSecOps processes is required.
Preferred knowledge includes familiarity with health-tech systems, experience in architecting large-scale distributed systems, and extensive experience with SAST/DAST methodologies.
Proven experience in conducting code reviews, threat modeling, and developing automated security testing systems using tools like Terraform and Python is essential.
Proficiency in coding languages such as Python, R, C++, and Javascript is required.
Candidates should have extensive experience working in AWS, Azure, or GCP software development environments.
Knowledge of implementing security controls for web-based SaaS applications and familiarity with OWASP Top 10 vulnerabilities is preferred.
Strong familiarity with server-side web technologies and experience acting as a trusted technical decision-maker in a team setting is necessary.

Aledade offers flexible work schedules and the ability to work remotely for many roles.
Health, dental, and vision insurance is provided, covering up to 80% for employees, dependents, and domestic partners.
A robust time-off plan includes 21 days of PTO in the first year, 2 paid volunteer days, and 11 paid holidays.
New parents are entitled to 12 weeks of paid parental leave.
Employees receive a 6-week paid sabbatical after 6 years of service.
The company provides an Educational Assistant Program and a Clinical Employee Reimbursement Program.
A 401(K) plan with up to a 4% match and stock options are also included in the benefits package.
Additional benefits and a commitment to a diverse and inclusive work environment are emphasized.