Security Architect I

Are you looking for a team that is energized by the constantly evolving world of application design and security? We are preparing for the future and are looking for a talented, experienced Security Architect - I to join us in building things from inception with deep-rooted security principles and design.

As a security expert, you will play a critical role in ensuring that our systems are secure and resilient. You will help Phreesia in securely configuring public cloud and data center infrastructure. You’ll work on building and understanding threat models in our release pipelines and runtime, as well as dig deep into our application code and the Phreesia application itself.

Our offering spans a wide array of cutting-edge technologies including Classic web applications, Android and hardware builds, Credit Card Security and HSMs, Classic Datacenters and the Cloud. We operate in an interesting compliance space that includes both healthcare and card compliance, making this role a constantly creative and challenging one.

What You’ll Do:

• Build (both visually and via documentation) threat models and perform security reviews on Phreesia’s applications and infrastructure.
• Assist to define and integrate Security Architecture standards and Secure SDLC processes across the organization, ensuring our security practices stay top-notch and our products remain unbeatable.
• Be the go-to person for Application Security for web, devices and backend platforms.
• Assist to design high-tech security practices via CI/CD pipelines for our cloud and container release platforms.
• Collaborate with development teams, DevOps, and platform engineering teams to integrate security controls and secure coding practices.
• Assist in design and scaling of security projects like SAST, DAST, WAF, etc.
• Dive deep into our most critical applications and their technology stack, exploring every aspect from the ground up.
• Dig into code to seek deep understanding of the application’s logic and identify security vulnerabilities.
• Empower and inspire our team of developers, architects, and others through training in secure coding and design principles to build the most robust and secure applications possible.
• Support compliance programs like SOC2, PCI, HIPAA and HITRUST certifications in Phreesia.
• Mentor other members of the Security Architecture and Infrastructure teams.

What You’ll Bring:

• Bachelor's degree in computer science or related disciplines.
• 8+ years of overall experience in software development, information security, or information technology, including 5+ years in security engineering or software development and 2+ years in application security field.
• Have knowledge in the DevSecOps processes
• Advanced skillset in the application security: HSTS, CSPs, and a working knowledge of the OWASP Top Ten exploitation paths and control mitigations to protect against them. Experience in Cloud Security is required.
• A guardrail, not gates, mentality and agree that the best security happens via collaboration and practical direction.
• Experience with industry leading compliance programs such as SOC2, HITRUST, PCI DSS, ISO 27001, etc is required
• SSCP, CEH, CompTIA CASP+, or equivalent certifications are preferred.
• Advanced skillset in defining and integrating Security Architecture standards and Secure SDLC across the organization. A general understanding of old and new development patterns: Release cycles, CI/CD, Code check-in and review.
• Have advanced knowledge of build concepts like pipelines, runners, and security checks in early lifecycle build. A background in container build environments.
• Demonstrated advanced experience conceptualizing and thinking about threat assessments and threat modeling both in the release cycle and containerized environments.
• Knowledge of microservices oriented architecture.
• Ability to prioritize various tasks and projects while thriving in a hands-on, collaborative environment. You’ll be working with teams across the organization so we’re looking for someone who can lead with empathy.

Who We Are:

At Phreesia, we’re looking for smart and passionate people to help drive our mission of creating a better, more engaging healthcare experience. We’re committed to helping healthcare organizations succeed in an ever-evolving landscape by transforming the way healthcare is delivered.Our SaaS platform digitizes appointment check-in and offers tools to engage patients, improve efficiency, optimize staffing, and enhance clinical care.

Phreesia cares about our employees by providing a diverse and dynamic work environment. We’re a five-time winner of Modern Healthcare Magazine’s Best Places to Work in Healthcare award and we’ve been recognized on the Bloomberg Gender Equality Index. We are dedicated to continuously improving our employee experience by launching new programs and initiatives. If you thrive in a culture of recognition, value inclusivity, professional development, and growth opportunities, Phreesia could be a great fit!

Top-rated Employee Benefits:

Remote First: 100% Remote work + home office expense reimbursements+ monthly reimbursement for cell phone, internet and wellness.

Top of market rewards: Competitive compensation

Take time when you need time: Flexible PTO + company holidays

Top class healthcare benefits: Variety of healthcare benefits for you and your family (and your pets!) starting day one

Care about your families: Generous top-up for parental leave benefits

Support personal development: Continuing education and professional certification reimbursement

Connecting in person: Various offsite events and activities for team to connect and meet in person, to support team building and engagement.

Giveback to community: Local in-person volunteer events, and give back programs to our communities.

Recognition and perks: We have a company wide recognition tool (Phireworks) to celebrate milestones, recognize achievements and strengthen your bond with your teams. You can accumulate points and redeem them for a wide catalogue of items!

Diversity and inclusive environment: At Phreesia, all employees are encouraged to bring their authentic self to work, feel supported and perform at their best. We have a variety of Employee Resources Groups (ERGs) which bring together individuals from a wide range of backgrounds, experiences and perspectives, and seek to foster a sense of shared community and empowerment for employees who share a common social identity, such as gender, race, ethnicity, and sexual orientation.

We strive to provide a diverse and inclusive environment and are an equal opportunity employer.

At Phreesia, we’re transforming the patient experience and giving healthcare organizations the capacity to do more—and we need smart, innovative problem-solvers to help us get there.

Phreesians have a wide range of backgrounds—you don’t need to be a healthcare expert or a technology geek to succeed on our team. We’re looking for talented, diverse individuals who want to make a difference in healthcare.