Senior Application Security Engineer- Security Architecture

Join us as we work to create a thriving ecosystem that delivers accessible, high-quality, and sustainable healthcare for all.

We are looking for a Security Engineer to help increase the security capabilities of our teams. You will work closely with scrum teams, product managers, security architecture and engineering leadership to improve the quality and adoption of automation and orchestration in athena’s Security Development Lifecycle practices and security practices. But enough about us; let’s talk about you!

You are a curious problem solver with a passion for security. You love improving the quality and adoption of Security Development Lifecycle practices and you thrive working in technical leadership roles with a high degree of independence.   

The Team: Join a collaborative group that solves new and interesting application security problems at scale. Use your security, engineering, and communication skills to make a difference with the company that allows medical professionals to focus on what they do best - treat patients. 

Job Responsibilities 

• Responsible for socializing and driving the execution of key security best practices across the R&D organization 
• Contribute to enterprise security catalog of best practices, techniques and patterns to enable secure implementation of features in products/product families 
• Ensure organization effective use of application security tools (SAST, DAST, SCA, API  active testing), including them into unified pipeline where relevant with the goal to prevent vulnerabilities from being introduced into the product features during the development lifecycle
• Identify and explain feature level design or architectural weaknesses which could result in security issues 
• Partner with key stakeholders including enterprise security leadership to track and prioritize open issues and follow up on resolution 
• Work with key stakeholders like DevOps, Infrastructure, et al to build security hardened tech stacks that are used for development and production 
• Document, share, and help automate coverage for common abuse cases and attacks  

Typical Qualifications 

• Bachelor's degree in Computer Science, Computer Engineering, Cyber Security or similar or equivalent experience 
• At least 3 years experience as a software developer and 3-5 years in a security focused development role in an agile development environment 
• Experience in software and product design and architecture, product security, security issue prevention and mitigation strategies 
• Strong knowledge of programming languages - Java, JavaScript (NodeJS), C#, Perl, Python, etc. In addition to the ability to understand code we need a demonstrated capability to understand security bugs in it.
• Practical experience with Docker and Terraform
• Knowledge of key security technologies like OAuth, SAML, K8 etc. 
• Solid understanding of the web services world including RESTful services, Service Bus architectures, JSON etc 
• Current knowledge of HIPAA, HITRUST, PCI-DSS requirements 

About athenahealth

Our vision: In an industry that becomes more complex by the day, we stand for simplicity. We offer IT solutions and expert services that eliminate the daily hurdles preventing healthcare providers from focusing entirely on their patients — powered by our vision to create a thriving ecosystem that delivers accessible, high-quality, and sustainable healthcare for all.

Our company culture: Our talented  employees — or athenistas, as we call ourselves — spark the innovation and passion needed to accomplish our vision. We are a diverse group of dreamers and do-ers with unique knowledge, expertise, backgrounds, and perspectives. We unite as mission-driven problem-solvers with a deep desire to achieve our vision and make our time here count. Our award-winning culture is built around shared values of inclusiveness, accountability, and support.

Our DEI commitment: Our vision of accessible, high-quality, and sustainable healthcare for all requires addressing the inequities that stand in the way. That's one reason we prioritize diversity, equity, and inclusion in every aspect of our business, from attracting and sustaining a diverse workforce to maintaining an inclusive environment for athenistas, our partners, customers and the communities where we work and serve.

What we can do for you:

Along with health and financial benefits, athenistas enjoy perks specific to each location, including commuter support, employee assistance programs, tuition assistance, employee resource groups, and collaborative  workspaces  — some offices even welcome dogs.

We also encourage a better work-life balance for athenistas with our flexibility. While we know in-office collaboration is critical to our vision, we recognize that not all work needs to be done within an office environment, full-time. With consistent communication and digital collaboration tools, athenahealth enables employees to find a balance that feels fulfilling and productive for each individual situation.

In addition to our traditional benefits and perks, we sponsor events throughout the year, including book clubs, external speakers, and hackathons. We provide athenistas with a company culture based on learning, the support of an engaged team, and an inclusive environment where all employees are valued. 

Learn more about our culture and benefits here: athenahealth.com/careers  

https://www.athenahealth.com/careers/equal-opportunity