Enable job alerts via email!

Senior Security Engineer II - Application Security, Remote

Aledade, Inc.

United States

Remote

USD 100,000 - 125,000

Full time

30+ days ago

Boost your interview chances

Create a job specific, tailored resume for higher success rate.

Job summary

Join a forward-thinking company as a Senior Security Engineer II, where your expertise in application security will play a crucial role in safeguarding digital assets. In this dynamic position, you'll design and implement security services, leveraging data to enhance security posture and automate processes. Collaborating with cross-functional teams, you'll lead incident response efforts and mentor junior engineers. This role offers an exciting opportunity to make a significant impact in a health-tech environment, where your contributions will help shape the future of secure application deployment and management. If you're passionate about security and thrive in a collaborative setting, this is the perfect opportunity for you.

Qualifications

  • 10+ years in security domain or 6+ years in cloud application security.
  • Experience in secure SDLC and DevSecOps processes.

Responsibilities

  • Design and operate solutions to enhance security capabilities.
  • Lead incident response efforts and refine security documentation.

Skills

Application Security
Cloud Native Security
Secure SDLC
DevSecOps
Vulnerability Assessment
Incident Response
Threat Modeling
Automation
Coding (Python, R, C++, Javascript)

Education

Bachelor's in Computer Science
Bachelor's in Information Technology
Bachelor's in Cybersecurity

Tools

Terraform
CloudFormation
AWS
Azure
GCP
SAST/DAST Tools

Job description

The Senior Security Engineer II for Application Security, you will be responsible for designing, implementing, and maintaining security services that support our business. You will understand data and automation are important ingredients to our mission and know how to actively employ these ingredients at scale. Beyond the technical expertise, we value individuals who can partner cross-functionally across various teams, driving impactful outcomes and further securing our digital landscape.

Primary Duties:
  • Working cross functionally to design, build, and operate solutions that continuously improve and automate our security capabilities
  • Leveraging data to understand trends, metrics, and opportunities to improve our security posture and then helping execute on those opportunities with stakeholders
  • Leading and enhancing incident/issues response efforts, spearheading analysis, containment, and mitigation strategies in a cross-functional environment to ensure effective resolution and remediation of security incidents/issues
  • Helping craft and refine security documentation pertinent to our Security Program, such as policies, standards, baselines, and standard operating procedures
  • Mentoring and coaching more junior engineers or analysts.
Minimum Qualifications:
  • BS/BTech (or higher) in Computer Science, Information Technology, Cybersecurity or a related field, 10 years security domain experience without degree
  • 6+ years of experience in securing and deploying applications within Cloud Native environments
  • 3+ years of experience in a dedicated application security role with focus on establishing secure SDLC and DevSecOps processes.
Preferred Knowledge, Skills, and/or Abilities:
  • Application Security
  • Knowledge of health-tech systems, like Electronic Health Records, Clinical data, PHI, etc., direct experience preferred.
  • Experience architecting, developing, and deploying large-scale distributed systems at scale.
  • Extensive experience identifying, evaluating and triaging vulnerabilities with Static/Dynamic Application Security Testing (SAST/DAST) methodologies and tools.
  • Proven experience conducting code reviews, and threat modeling.
  • Extensive experience with developing automated security testing and validation systems using Terraform, Cloudformation, Python, etc.
  • Proficient in coding languages such as Python, R, C++, Javascript.
  • Extensive experience working in AWS/Azure/GCP software development environment.
  • Proven experience with implementing security controls for web-based SaaS applications such as API Security, WAF, etc.
  • In-depth knowledge of AI/LLM and machine learning architectures and best practices for securing them.
  • In-depth knowledge of OWASP Top 10 vulnerabilities along with containment and remediation best practices.
  • Strong familiarity with server-side web technologies (eg: Java, Python, Scala, C#, C++, Go).
  • 4+ years of experience acting as a trusted technical decision-maker in a team setting, solving for short-term and long-term business value.
  • Experience with health-tech systems, like Electronic Health Records, Clinical data, etc preferred.
Get your free, confidential resume review.
or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.

Similar jobs

Senior Security Engineer II - Application Security, Remote

Aledade

Remote

USD 120,000 - 160,000

Yesterday
Be an early applicant