Senior Security Engineer II; Engineering & Tooling), Remote

Position: Senior Security Engineer II (Engineering & Tooling), Remote
As a Senior Security Engineer you will design, implement, and maintain security systems and tooling across our infrastructure. The ideal candidate will have a strong background in security engineering, an in-depth understanding of security tools, and a proactive approach to mitigating cybersecurity risks. This role involves both hands-on technical work, working closely with cross-functional teams and strategic collaboration to enhance our overall security posture.

This candidate will provide technical leadership and coach junior members of the security engineering team.

Primary Duties:

* Primary focus will be on infrastructure security through architecture reviews, threat modeling for new and existing services and security tool implementations, while leveraging automation to scale security solutions.

* Design, deploy, and manage advanced security tools, including SIEM, EDR, DLP, vulnerability management, and firewalls.

* Engineer solutions to integrate security tooling across cloud environments, ensuring seamless protection and visibility. Collaborate with cloud engineering teams to implement and secure cloud-native solutions (e.g., IAM, VPC, security groups, cloud firewalls), implement security controls for cloud infrastructure and containerized environments.

* Lead the evaluation, implementation, and configuration of new security technologies to address evolving threats and stay updated on emerging technologies, trends, and best practices in security engineering and tooling.

* Develop and maintain secure configurations for operating systems, applications, and networking equipment and Automate security processes using scripting languages (Python, Power Shell) and tools like Terraform or Ansible.

* Conduct security assessments and ensure vulnerability management programs are effective, addressing gaps proactively.

Minimum Qualifications:

* Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).

* 7+ years of experience in security engineering, including designing and managing security tools.

* Strong understanding of Threat Modeling Principles

* Experience with Security Incident Response & Risk Management

* Strong hands-on expertise with SIEM (e.g., Splunk or Sumo logic), EDR (e.g., Crowd Strike, Sentinel One), and vulnerability management tools (e.g., Tenable, Qualys), Wiz, Snyk etc.

* Proficiency in securing cloud environments (AWS, Azure, or GCP), including experience with IAM, VPCs, security groups, EKS/ECR and cloud-native security solutions (e.g., AWS Security Hub, Azure Sentinel).

* Experience with automation tools IAC and CI/CD:
Terraform, Helm, Chef, Ansible, Buildkite, Jenkins, ArgoCD and scripting (Python, Power Shell, or Bash) for integrating and managing security solutions.

* Familiarity with Dev Sec Ops  practices, container security (e.g., Kubernetes, Docker), and CI/CD pipeline security.

* Proven track record in incident response, threat hunting, and forensic investigations.

* Certifications such as CISSP, GSEC, AWS Certified Security Specialty, or equivalent.

Preferred Knowledge, Skills, and/or Abilities:

* Strongly Preferred:

* Experience with Datadog for metrics and log analysis.

* Experience in monitoring security tools and leading forensic investigations and helping in incident response efforts.

* Experience with Security incident response & Risk Management.

* Stay updated on emerging technologies, trends, and best practices in security engineering and tooling.

* Experience with Zero Trust models, microsegmentation, and cloud-native security solutions (e.g., AWS Security Hub, Azure Sentinel).

* Knowledge of regulatory frameworks (e.g., PCI DSS, GDPR, HIPAA) and how to engineer tools to support compliance.

* Has mentored junior engineers and provided technical leadership for security-focused initiatives.

* Strong analytical and problem-solving skills, with excellent communication and documentation abilities.

* Previous experience in healthcare, finance, or government sectors, particularly in managing network security within compliance frameworks like HIPAA, PCI-DSS, or SOX.

* Preferred:

* Certifications such as CISSP, CCNP, CEH, or similar are strongly preferred.

Who We Are:

Aledade, a public benefit corporation, exists to empower the most transformational part of our health care landscape - independent primary care. We were founded in 2014, and since then, we've become the largest network of independent primary care in the country - helping practices, health centers and clinics deliver better care to their patients and thrive in value-based care. Additionally, by creating value-based contracts across a wide variety of health plans, we aim to flip the script on the traditional fee-for-service model.

Our work strengthens continuity of care, aligns incentives and ensures primary care physicians are paid for what they do best - keeping patients healthy. If you want to help create a health care system that is good for patients, good for practices and good for society -…