Alaffia Health is a high-growth, venture-backed Series B healthtech startup based in NYC, focused on transforming healthcare operations through innovative technology. The Security Operations Engineer will be responsible for safeguarding the company's cloud-native tech stack and driving automation-first security operations while collaborating closely with engineering and product teams to integrate security into the development lifecycle.
Responsibilities:
- Design and operate SOAR workflows to automate detection, triage, and response across our security tooling
- Build and maintain IaC security policies and code security analysis pipelines integrated into CI/CD
- Automate user provisioning, de-provisioning, and access reviews aligned with RBAC and the principle of least privilege
- Implement and automate secrets management and rotation using tools like 1Password Secrets Automation and HashiCorp Vault
- Develop and enforce data loss prevention (DLP) controls and data labeling workflows
- Administer MDM platforms to enforce device compliance, configuration baselines, and security controls
- Manage IAM, least-privilege access, and RBAC across cloud and SaaS environments; conduct regular access reviews and certifications
- Own the secure onboarding, role-change, and offboarding lifecycle end-to-end
- Lead the full security incident response lifecycle — detection through remediation — leveraging CrowdStrike, Splunk, and Proofpoint
- Conduct proactive threat hunting and maintain threat intelligence pipelines using the MITRE ATT&CK framework
- Manage IDS/IPS monitoring and tune alerting to reduce noise and improve signal fidelity
- Automate vulnerability scanning, tracking, and SLA reporting across infrastructure and applications
- Support and co-own compliance audits for SOC 2 Type II, HIPAA, and HITRUST; contribute to Alaffia’s ISO/IEC 42001:2023 AI governance certification initiative
- Conduct vendor security reviews for new SaaS and AI tool onboarding
- Perform annual IT environment audits and manage audit evidence collection
- Triage and resolve non-hardware IT support tickets via automation
- Collaborate with software engineers to integrate security into the SDLC — including dependency scanning, secrets detection, and container security
- Produce security documentation, runbooks, and knowledge-sharing materials to upskill the broader team
Requirements:
- 5+ years of hands-on security engineering or operations experience in a cloud-native environment
- Proficiency in IAM, RBAC, and privileged access management across cloud and SaaS platforms
- Experience with MDM platforms
- Solid foundation in vulnerability management — scanning, prioritization, and remediation tracking
- Working knowledge of secrets management tools and secure credential lifecycle practices
- Hands-on experience with XDR/EDR and SIEM platforms
- Familiarity with MITRE ATT&CK, threat hunting methodologies, and IDS/IPS operations
- Proven ability to own end-to-end incident response, from triage through post-mortem
- Demonstrated experience building security automations (SOAR, scripting, API integrations)
- Comfortable working with IaC tools and integrating policy-as-code into CI/CD pipelines
- Ability to write scripts or lightweight tooling in Python, Bash, or similar to eliminate manual toil
- Practical understanding of HIPAA, SOC 2, and HITRUST requirements and audit processes
- Awareness of AI governance and risk management frameworks (ISO/IEC 42001:2023, NIST AI RMF) — willingness to grow expertise here is essential
- Ability to communicate risk and security concepts clearly to both technical and non-technical audiences
- Collaborative partner to engineering, product, and clinical teams — not a gatekeeper, but an enabler
- Self-directed and comfortable prioritizing in a fast-moving startup environment
- Bachelor's degree in Computer Science, Information Systems, or equivalent practical experience
Preferred Qualifications:
- 5+ years of IT/security industry experience; healthcare, cloud, or AI-adjacent environments strongly preferred
- One or more relevant certifications valued: CompTIA Security+, CySA+, or CASP+; ISC2 CISSP or CCSP; ISACA CISM or CISA; AWS Certified Security - Specialty or Microsoft AZ-500
- Direct experience with CrowdStrike Falcon, Splunk SIEM, or Proofpoint email security
- Experience with Addigy (macOS MDM) and/or Microsoft Intune for cross-platform device management
- Familiarity with 1Password for Teams/Secrets Automation or HashiCorp Vault
- Background in or exposure to healthcare industry security requirements beyond HIPAA (e.g., HITRUST r2 audit participation)
- Experience contributing to or preparing for ISO/IEC 42001:2023 or NIST AI RMF implementations
- Comfortable working in software development environments using TypeScript, Python, or Go; Docker/Kubernetes; GitHub; Datadog
- Experience with developer security tooling: SAST, DAST, dependency scanning, or secrets detection in CI/CD
- Prior involvement in building or maturing a security program at a startup or high-growth company