Principal, Application Security Architect
- Oakland, CA
At Altais, we're looking for bold and curious innovators who share our passion for enabling better health care experiences and revolutionizing the healthcare system for physicians, patients, and the clinical community. Doctors today are faced with the reality of spending more time on administrative tasks than caring for patients. Physician burnout and fatigue are an epidemic, and the healthcare experience and quality suffer as a result. At Altais, we're building breakthrough clinical support tools, technology, and services to let doctors do what they do best: care for people. Come join us as an early member of our passionate and growing team as we change the game for the future of healthcare and enable the experience that people need and deserve.
At Altais, we're looking for bold and curious innovators who share our passion for enabling better health care experiences and revolutionizing the healthcare system for physicians, patients, and the clinical community. Doctors today are faced with the reality of spending more time on administrative tasks than caring for patients. Physician burnout and fatigue are an epidemic, and the healthcare experience and quality suffer as a result. At Altais, we're building breakthrough clinical support tools, technology, and services to let doctors do what they do best: care for people. Come join us as an early member of our passionate and growing team as we change the game for the future of healthcare and enable the experience that people need and deserve.Are you looking to build your career in Information Security Engineering and be part of a growing and dynamic team? We have got an excellent opportunity to be part of a start-up business with the resources and leadership of an experienced next-generation clinical and services organization. We believe that people are our greatest asset and looking for an exceptional Principal, Application Security Architect to join the Altais Technology and Development Team and deliver inspired solutions that change the way healthcare is delivered.As the Principal, Application Security Architect, you will be responsible for development of Altais Health's physician-centered solutions. You will participate in the technical strategy for securing cloud-native SaaS and PaaS products and infrastructures at scale, in a sophisticated web, data science, and integration services environment. This role will mostly focus on the design and implementation of secure DevOps software development practices, and testing methods, and cloud service security infrastructure design and implementation. The successful candidate will bring vision to the role and will have strong expertise in security architecture practices, infrastructure security, securing work streams in AWS and GCP, SecDevOps and automation, secure coding practices, and testing security efficiency. You'll have domain expertise that's applicable across multiple teams and will quickly establish multi-functional relationships with colleagues to become a trusted resource for Product and Development, while also maintaining a hands-on role in implementing solutions and crafting specifications for those teams. You should have technical experience in building infrastructure and applications for scalability, resiliency, availability, and recovery. As a Principal Application Security Engineer, you will secure our products and systems across the spectrum of the technology stack.This position is located in our brand-new Oakland City Center location.
About the Work
- Architecting our core infrastructure to reduce the attack surface of critical services and mitigate the impact of exploits.
- Design and plan application security architectures that align to the company's business strategy and commitments, inclusive of privacy and compliance.
- Perform static and multifaceted code testing, threat modeling, design reviews, and penetration testing of company applications, review results and work with engineering to provide fixes.
- Partner with security stakeholders across the organization to help delivery teams envision and deliver security initiatives.
The Skills, Experience & Education You Bring
- Requires a college degree or equivalent experience and minimum 12 years prior relevant experience, including 6 years of management experience.
- Degree in CS, EE or other Engineering program, and 4-10 years' professional experience with both a detailed technical knowledge and hands-on practice working in security engineering, DevOps, application penetration testing, secure software development and/or negative QA testing.
- Experience with application security tools including DAST, SAST, Penetration testing, Fuzzing etc.
- Advanced understanding of web architectures, web applications, APIs, mobile applications, desktop applications, Unified Communications (including VoIP and SMS), and the underlying technology of cloud infrastructure.
- Detailed knowledge of cloud VoIP, web, mobile, and client application security vulnerabilities, attack methods, and countermeasure techniques
- Experience with a broad range of web attack classes, their workings, and propagation methods
- Experience securing DevOps, including continuous integration, configuration management, and continuous deployment
- Experience leading code reviews, pen-tests, or similar projects
- Security certifications such as CISSP, Certified Ethical Hacker, and SANS GIAC (any combination of GCIH, GPPA, GMON, GCWN, GCUX, GPYC, GPEN, GWAPT, GXPN, GSSP-Java, GWEB, GMOB, GAWN, or GSE)
- At a minimum must have or have the ability to pass and maintain AWS Certified Solutions Architect - Associate and AWS Certified Security - Specialty within 12 months of employment.
- At a minimum must have or have the ability to pass and maintain SSCP or CISSP within 18 months of employment.
Office Environment - roles involving part to full time schedule in Office Environment. Based in our physical offices and work from home office/deskwork - Activity level: Sedentary, frequency most of work day.
Please click here for further physical requirement detail.
Altais is a wholly owned subsidiary of Blue Shield of California. Candidates hired to work for Altais, Altais Health, and Altais Clinical Services will be employed by California Physicians' Services dba Blue Shield of California. External hires must pass a background check/drug screen. Qualified applicants with arrest records and/or conviction records will be considered for employment in a manner consistent with Federal, State and local laws, including but not limited to the San Francisco Fair Chance Ordinance. All qualified applicants will receive consideration for employment without regards to race, color, religion, sex, national origin, sexual orientation, gender identity, protected veteran status or disability status and any other classification protected by Federal, State and local laws
Back to top