Staff Security Engineer (DevSecOps)
Aledade
Job Summary
The Staff Security Engineer will be responsible for designing, implementing, and maintaining security services at scale within Cloud Native environments. This role requires leading the development of comprehensive security strategies, deploying advanced security controls, and setting high standards for security processes. The engineer will also partner cross-functionally to drive impactful security outcomes and mentor new engineers, leveraging data and automation to secure the digital landscape.
Must Have
- Lead the development, implementation, and ongoing maintenance of comprehensive security strategies and solutions.
- Design and deploy advanced security controls to safeguard networks, systems, and applications.
- Work across disciplines to shape security services strategy and execution.
- Set and uphold the standard for security processes to support high-quality engineering.
- 8+ years of experience in software or security engineering within Cloud Native environments.
Good to Have
- Experience architecting, developing, and deploying large-scale distributed systems.
- Experience with cloud technologies (AWS, Azure, GCP).
- Experience building continuous integration and continuous development (CI/CD) pipelines.
- Strong familiarity with server-side web technologies (Java, Python, Scala, C#, C++, Go).
- 4+ years of experience acting as a trusted technical decision-maker in a team setting.
- Experience with health-tech systems (Electronic Health Records, Clinical data).
- Led security architecture reviews for enterprise-scale systems (microservices architectures, data platforms like Databricks, Snowflake, cloud-native applications).
- Established Infrastructure Security as Code practices (automated security policy enforcement, drift detection, infrastructure vulnerability scanning integrated into Pulumi deployment workflows).
- Established security review processes and governance frameworks (standardized security requirements, risk assessment methodologies, security architecture decision records integrated into SDLC workflows).
- Developed security automation and tooling documentation (security scanner integration guides, vulnerability management procedures, security monitoring runbooks for DevSecOps teams).
- Collaborated with platform and infrastructure teams to design secure CI/CD pipelines, container security strategies, and Kubernetes security policies with automated compliance validation and reporting.
Perks & Benefits
- Flexible work schedules and remote work options
- Health, dental, and vision insurance (up to 80% paid for employees, dependents, domestic partners)
- Robust time-off plan (21 days of PTO in the first year)
- Two paid volunteer days and 11 paid holidays
- 12 weeks paid parental leave for all new parents
- Six weeks paid sabbatical after six years of service
- Educational Assistant Program and Clinical Employee Reimbursement Program
- 401(k) with up to 4% match
- Stock options
Job Description
Primary Duties
- Lead the development, implementation, and ongoing maintenance of comprehensive security strategies and solutions.
- Design and deploy advanced security controls to safeguard networks, systems, and applications.
- Work across disciplines to shape our security services strategy and execution
- Mentor and galvanize new engineers to do their best work
- Set and uphold the standard for security processes to support high-quality engineering
Minimum Qualifications
- BS/BTech (or higher) in Computer Science, Information Technology, Cybersecurity or a related field, or 10 years of security domain experience without a degree
- 8+ years of experience in software or security engineering within Cloud Native environments
Preferred KSAs
- Experience architecting, developing, and deploying large-scale distributed systems
- Experience with cloud technologies, e.g., AWS, Azure, GCP
- Experience building continuous integration and continuous development (CI/CD) pipelines
- Strong familiarity with server-side web technologies (e.g., Java, Python, Scala, C#, C++, Go)
- 4+ years of experience acting as a trusted technical decision-maker in a team setting, solving for short-term and long-term business value
- Experience with health-tech systems, like Electronic Health Records, Clinical data, etc.
Domain Specific Experience
Dev Security Ops
- Led security architecture reviews for enterprise-scale systems including microservices architectures, data platforms (Databricks, Snowflake), and cloud-native applications, identifying and mitigating security risks before implementation.
- Established Infrastructure Security as Code practices including automated security policy enforcement, drift detection, and infrastructure vulnerability scanning integrated into Pulumi deployment workflows
- Established security review processes and governance frameworks with standardized security requirements, risk assessment methodologies, and security architecture decision records (ADRs) integrated into SDLC workflows
- Developed security automation and tooling documentation including security scanner integration guides, vulnerability management procedures, and security monitoring runbooks for DevSecOps teams
- Collaborated with platform and infrastructure teams to design secure CI/CD pipelines, container security strategies, and Kubernetes security policies with automated compliance validation and reporting
Physical Requirements
- Sitting for prolonged periods of time. Extensive use of computers and keyboard. Occasional walking and lifting may be required.
Who We Are:
Aledade, a public benefit corporation, exists to empower the most transformational part of our health care landscape - independent primary care. We were founded in 2014, and since then, we've become the largest network of independent primary care in the country - helping practices, health centers and clinics deliver better care to their patients and thrive in value-based care. Additionally, by creating value-based contracts across a wide variety of health plans, we aim to flip the script on the traditional fee-for-service model. Our work strengthens continuity of care, aligns incentives and ensures primary care physicians are paid for what they do best - keeping patients healthy. If you want to help create a health care system that is good for patients, good for practices and good for society - and if you're eager to join a collaborative, inclusive and remote-first culture - you've come to the right place.
What Does This Mean for You?
At Aledade, you will be part of a creative culture that is driven by a passion for tackling complex issues with respect, open-mindedness and a desire to learn. You will collaborate with team members who bring a wide range of experiences, interests, backgrounds, beliefs and achievements to their work - and who are all united by a shared passion for public health and a commitment to the Aledade mission.
In addition to time off to support work-life balance and enjoyment, we offer the following comprehensive benefits package designed for the overall well-being of our team members:
- Flexible work schedules and the ability to work remotely are available for many roles
- Health, dental and vision insurance paid up to 80% for employees, dependents and domestic partners
- Robust time-off plan (21 days of PTO in your first year)
- Two paid volunteer days and 11 paid holidays
- 12 weeks paid parental leave for all new parents
- Six weeks paid sabbatical after six years of service
- Educational Assistant Program and Clinical Employee Reimbursement Program
- 401(k) with up to 4% match
- Stock options
And much more!
At Aledade, we don’t just accept differences, we celebrate them! We strive to attract, develop and retain highly qualified individuals representing the diverse communities where we live and work. Aledade is committed to creating a diverse environment and is proud to be an equal opportunity employer. Employment policies and decisions at Aledade are based on merit, qualifications, performance and business needs. All qualified candidates will receive consideration for employment without regard to age, race, color, national origin, gender (including pregnancy, childbirth or medical conditions related to pregnancy or childbirth), gender identity or expression, religion, physical or mental disability, medical condition, legally protected genetic information, marital status, veteran status, or sexual orientation.
Privacy Policy: By applying for this job, you agree to Aledade's Applicant Privacy Policy available at https://www.aledade.com/privacy-policy-applicants
We may use automated tools, including artificial intelligence (AI), to help organize and evaluate application materials. These tools support our recruiters and hiring managers by helping manage large applicant pools. Human judgment plays an essential role in our hiring process, including in the oversight and use of any automated tools. If you would like more information about our screening and hiring process, please contact us.