Aledade, Inc. is a public benefit corporation focused on empowering independent primary care. As a Senior Security Engineer, you will design, implement, and maintain security systems and tooling across the company's infrastructure, while providing technical leadership and collaborating with cross-functional teams to enhance security posture.
Responsibilities:
- Focus primarily on infrastructure security through architecture reviews, threat modeling for new and existing services, and security tool implementations, while leveraging automation to scale security solutions
- Design, deploy, and manage advanced security tools, including SIEM, EDR, DLP, vulnerability management, and firewalls
- Engineer solutions to integrate security tooling across cloud environments, ensuring seamless protection and visibility
- Collaborate with cloud engineering teams to implement and secure cloud-native solutions (e.g., IAM, VPC, security groups, cloud firewalls), and implement security controls for cloud infrastructure and containerized environments
- Lead the evaluation, implementation, and configuration of new security technologies to address evolving threats and stay updated on emerging technologies, trends, and best practices in security engineering and tooling
- Develop and maintain secure configurations for operating systems, applications, and networking equipment, and automate security processes using scripting languages (Python, PowerShell) and tools like Terraform or Ansible
- Conduct security assessments and ensure vulnerability management programs are effective, addressing gaps proactively
Requirements:
- Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience)
- 7+ years of experience in security engineering, including designing and managing security tools
- Strong understanding of threat modeling principles
- Experience with security incident response and risk management
- Strong hands-on expertise with SIEM (e.g., Splunk or Sumo Logic), EDR (e.g., CrowdStrike, SentinelOne), vulnerability management tools (e.g., Tenable, Qualys), Wiz, Snyk, etc.
- Proficiency in securing cloud environments (AWS, Azure, or GCP), including experience with IAM, VPCs, security groups, EKS/ECR and cloud-native security solutions (e.g., AWS Security Hub, Azure Sentinel)
- Experience with IaC and CI/CD automation tools (Terraform, Helm, Chef, Ansible, Buildkite, Jenkins, ArgoCD) and scripting (Python, PowerShell, or Bash) for integrating and managing security solutions
- Familiarity with DevSecOps practices, container security (e.g., Kubernetes, Docker), and CI/CD pipeline security
- Proven track record in incident response, threat hunting, and forensic investigations
- Certifications such as CISSP, GSEC, AWS Certified Security Specialty, or equivalent
- Experience with Datadog for metrics and log analysis
- Experience monitoring security tools, leading forensic investigations, and assisting in incident response efforts
- Stay updated on emerging technologies, trends, and best practices in security engineering and tooling
- Experience with Zero Trust models, microsegmentation, and cloud-native security solutions (e.g., AWS Security Hub, Azure Sentinel)
- Knowledge of regulatory frameworks (e.g., PCI DSS, GDPR, HIPAA) and how to engineer tools to support compliance
- Has mentored junior engineers and provided technical leadership for security-focused initiatives
- Strong analytical and problem-solving skills, with excellent communication and documentation abilities
- Previous experience in healthcare, finance, or government sectors, particularly in managing network security within compliance frameworks like HIPAA, PCI-DSS, or SOX
- Certifications such as CISSP, CCNP, CEH, or similar are strongly preferred