Lead DevSecOps Engineer

Join us as we work to create a thriving ecosystem that delivers accessible, high-quality, and sustainable healthcare for all.

We are looking for a Lead Member of Technical Staff to join our Security team as a team leader under the Information Security group. You will be partnering with stakeholders across the business to develop and automate security tooling such as static and dynamic code analysis, security testing frameworks, and processes involved in athenahealth's CI/CD pipeline to ensure the development process is as secure as we can make it. As a team lead, you will be responsible for ensuring the scrum team is effectively delivering on their work while providing coaching and mentoring to the other members of the team.

What we need for this role:

You are a developer and are also comfortable in the system administration domain with experience in leading efforts related to software integration, script development, automation and orchestration of security related tooling. You have strong coding and scripting skills, experience with API integration, and can debug complex problems. You are an excellent communicator who can work with stakeholders to understand business workflows and develop tooling that enables successful and efficient workflows. You are a tenacious, but nimble learner, who demonstrates design & engineering excellence.

Responsibilities may include, but are not limited to:

70% [Primary Function] Technical Execution

· Produce accurate, unambiguous technical design specifications and accurate tasks description

· Deliver customer value in the form of high-quality software components and services in adherence with policies on security, performance, longevity and Integration testing

· Champion security tools configuration in the area of static code analysis, dynamic code analysis, scanning of sensitive information; ensure teams know about tooling and use it during their daily coding activities

· Experience with application security and development tools like JIRA, Confluence, Bitbucket, GitLab, scanning tools, linting

· Experience with CI/CD processes (familiarity with some of following tools a plus: Jenkins, JFrog, Harness, Docker)

· Estimate the size of development tasks in story points with the goal of 80% accuracy; begin to challenge others during estimation

· Understand and follow coding conventions, architectures, and best practices

· Write, debug, and deploy code to production; deliver timely fixes

· Own the various platforms the team manages, including daily support and maintenance (patching)

· Adhere to DoD (story Definition of Done) as part of the sprint, including unit tests, functional testing, code reviews, no regressions, bug fixes, documentation and adhere to best coding practices

· Perform peer code reviews in order to ensure quality standards

· Ability to debug complex problems, work through logs, and engage vendors where appropriate

· Willingness and ability to develop strong documentation for stakeholders and team members, including thoroughly commented code/scripts

· Automate integrations and notifications with systems such as internal bug tracking systems to ensure results are documented and shared with necessary stakeholders

· Ensure tooling is designed for high availability and redundancy. Act as an escalation point and participate in on-call rotations where required.

15% Contributions to the Team

· Master the domain knowledge for area of assignment

· Take ownership of what the team builds; consider customer adoption as success criteria

· Contribute to agile ceremonies to improve team performance

· Volunteer for work in the backlog and commit to quality delivery; coordinate efforts across the team to ensure completion and effectiveness

· Participate and contribute to scrum meetings i.e. daily stand-up, sprint planning, readouts and retrospectives

· Drive self-organization; help determine how the team functions in collaboration with your peers

10% Mentorship of Others

· Advise and train members of the team to maximize overall productivity and effectiveness of the team

5% Cross functional Coordination and Communication

· Work collaboratively across the Technology and Product organizations to ensure alignment towards business goals

· Builds strong relationships with cross-functional team members

· Share business and technical learnings with the broader engineering and product organization, while adapting approach for different audiences

· Develop documentation that stakeholders across the business can use to ensure tooling developed by the team is effectively understood and utilized

Education, Experience, & Skills Required:

· 8-12 years of experience in an engineering role

· Experience in an Agile environment preferred

· Bachelor’s Degree or equivalent

· Strong software engineering skills and computer science experience · Knowledge of at least one modern programming languages such as: Perl, Java, Python, Groovy and javascript/jQuery

· Information Security background, including areas such as vulnerability testing, penetration testing, secure development lifecycle, threat modeling, and risk management

· Experience in software development and computer science experience

· Practical experience with Docker and Terraform

· Familiarity with Unix/Linux, Windows, SQL, shell scripting, and various other technologies

· Exposure to cloud-based architectures including Amazon AWS and Microsoft Azure

Behaviors & Abilities Required:

· Ability to learn and adapt in a fast-paced environment, while producing quality scripts, code, and tool suites

· Ability to write code that is technically sound, performant, scalable, and readable

· Finds creative way to execute even when there is no historical context or known path forward

· Ability to work collaboratively on a cross-functional team with a wide range of experience levels

· Ability to analyze and assess potential software designs with an eye towards finding the best solution for the business

· Ability to identify alternative methods of solving problems and build efficiencies while doing so

· Proven track record of following through on commitments and owning the outcome

· Ability to assess situations or problems from multiple angles to understand the complete picture

About athenahealth

Here’s our vision: To create a thriving ecosystem that delivers accessible, high-quality, and sustainable healthcare for all.  

What’s unique about our locations? 
From an historic, 19th century arsenal to a converted, landmark power plant, all of athenahealth’s offices were carefully chosen to represent our innovative spirit and promote the most positive and productive work environment for our teams. Our 10 offices across the United States and India — plus numerous remote employees — all work to modernize the healthcare experience, together. 
 
Our company culture might be our best feature. 
We don't take ourselves too seriously. But our work? That’s another story. athenahealth develops and implements products and services that support US healthcare: It’s our chance to create healthier futures for ourselves, for our family and friends, for everyone.  

Our vibrant and talented employees — or athenistas, as we call ourselves — spark the innovation and passion needed to accomplish our goal. We continue to expand our workforce with amazing people who bring diverse backgrounds, experiences, and perspectives at every level, and foster an environment where every athenista feels comfortable bringing their best selves to work. 

Our size makes a difference, too: We are small enough that your individual contributions will stand out — but large enough to grow your career with our resources and established business stability. 
 
Giving back is integral to our culture. Our athenaGives platform strives to support food security, expand access to high-quality healthcare for all, and support STEM education to develop providers and technologists who will provide access to high-quality healthcare for all in the future. As part of the evolution of athenahealth’s Corporate Social Responsibility (CSR) program, we’ve selected nonprofit partners that align with our purpose and let us foster long-term partnerships for charitable giving, employee volunteerism, insight sharing, collaboration, and cross-team engagement.   

What can we do for you? 
Along with health and financial benefits, athenistas enjoy perks specific to each location, including commuter support, employee assistance programs, tuition assistance, employee resource groups, and collaborative workspaces — some offices even welcome dogs.  

In addition to our traditional benefits and perks, we sponsor events throughout the year, including book clubs, external speakers, and hackathons. And we provide athenistas with a company culture based on learning, the support of an engaged team, and an inclusive environment where all employees are valued.  

We also encourage a better work-life balance for athenistas with our flexibility. While we know in-office collaboration is critical to our vision, we recognize that not all work needs to be done within an office environment, full-time. With consistent communication and digital collaboration tools, athenahealth enables employees to find a balance that feels fulfilling and productive for each individual situation.