As the Senior Security Manager for Application Security, you will lead by being a highly technical leader who delivers high business impact on projects of increasing dependencies and ambiguity.
You will lead a team of individual contributors focused on protecting patients, our employees, and Aledade as a whole. You will build partnerships across product and engineering teams to champion application security and foster adoption of best practices in SDLC, DevSecOps and other cross-functional areas.
At Aledade, we empower primary care physicians with technology to keep their patients healthy, preventing unnecessary hospitalizations.
We are flexible with respect to geographic location, and the ideal candidate will be comfortable working remotely/work from home within the U.S. or from our headquarters office in Bethesda, MD.
Primary Duties:
- Build a high performing team by hiring and nurturing security talent.
- Strong technical leadership - drive technical solutioning and building roadmaps to reduce or manage security risk.
- Set aggressive and clear goals and remove all roadblocks for the team to achieve them.
- Working seamlessly and collaboratively with stakeholders across Aledade to achieve business outcomes.
- Work closely with other leaders to drive excellence in our processes and systems.
Minimum Qualifications:
- BS (or higher) in Computer Science, Cybersecurity, Engineering, or equivalent experience
- 10+ years of experience in designing, building, or operating data protection services
- 5+ years of building and leading highly complex, technical security teams.
Preferred Knowledge, Skills, and/or Abilities:
- You have experience in attracting, hiring, and coaching world-class engineers including performance management
- You have experience in taking ownership of the technology decisions, while delegating and empowering team members.
- You have experience communicating analysis and establishing confidence among audiences who do not share your disciplinary background or training.
- You have strong communication and relationship building skills, with experience influencing and aligning multiple stakeholders
- Application Security:
- Strong understanding of security frameworks and standards (e.g., NIST 800-218, BSIMM, OWASP SAMM)
- Experience with security tools and technologies (e.g., SAST, DAST, SCA, threat modeling)
- In-depth knowledge of OWASP Top 10 vulnerabilities along with containment and remediation best practices.
- Strong familiarity with server-side web technologies (eg: Java, Python, Scala, C#, C++, Go).
- Extensive experience identifying, evaluating and triaging vulnerabilities with Static/Dynamic Application Security Testing (SAST/DAST) methodologies and tools.
- Extensive security engineering background, with expertise and knowledge in infrastructure security concepts, web application security, encryption, vulnerability management and penetration testing.
- Experience with open-source software security.
- Experience with incident response and digital forensics.
- Experience in cloud security and infrastructure as code.
- Knowledge of DevOps and Agile methodologies.
Who We Are:
Aledade, a public benefit corporation, exists to empower the most transformational part of our health care landscape - independent primary care. We were founded in 2014, and since then, we've become the largest network of independent primary care in the country - helping practices, health centers and clinics deliver better care to their patients and thrive in value-based care. Additionally, by creating value-based contracts across a wide variety of payers, we aim to flip the script on the traditional fee-for-service model. Our work strengthens continuity of care, aligns incentives, and ensures primary care physicians are paid for what they do best - keeping patients healthy. If you want to help create a health care system that is good for patients, good for practices and good for society - and if you're eager to join a collaborative, inclusive and remote-first culture - you've come to the right place.
What Does This Mean for You?
At Aledade, you will be part of a creative culture that is driven by a passion for tackling complex issues with respect, open-mindedness and a desire to learn. You will collaborate with team members who bring a wide range of experiences, interests, backgrounds, beliefs and achievements to their work - and who are all united by a shared passion for public health and a commitment to the Aledade mission.
In addition to time off to support work-life balance and enjoyment, we offer the following comprehensive benefits package designed for the overall well-being of our team members:
Flexible work schedules and the ability to work remotely are available for many roles
Health, dental and vision insurance paid up to 80% for employees, dependents, and domestic partners Robust time off plan 21 days of PTO in your first year 2 Paid Volunteer Days & 11 paid holidays
12 weeks paid Parental Leave for all new parents
6 weeks paid sabbatical after 6 years of service
Educational Assistant Program & Clinical Employee Reimbursement Program
401(K) with up to 4% match
Stock options
And much more!
At Aledade, we don’t just accept differences, we celebrate them! We strive to attract, develop, and retain highly qualified individuals representing the diverse communities where we live and work. Aledade is committed to creating a diverse environment and is proud to be an equal opportunity employer. Employment policies and decisions at Aledade are based on merit, qualifications, performance, and business needs. All qualified candidates will receive consideration for employment without regard to age, race, color, national origin, gender (including pregnancy, childbirth or medical conditions related to pregnancy or childbirth), gender identity or expression, religion, physical or mental disability, medical condition, legally protected genetic information, marital status, veteran status, or sexual orientation.
Privacy Policy: By applying for this job, you agree to Aledade's Applicant Privacy Policy available at https://www.aledade.com/privacy-policy-applicants