Staff Security Engineer (DevSecOps) - Aledade

Job Title: Staff Security Engineer (DevSecOps)
Job Location: Bethesda, MD
Job Listing URL: https://jobs.lever.co/aledade/1bb8d142-3e00-45bb-b2d1-ba7f503f6d61
Job Description: The Staff Security Engineer will be responsible for designing, implementing, and maintaining security services that support our business. You will understand data and automation are important ingredients to our mission and know how to actively employ these ingredients at scale. Beyond the technical expertise, we value individuals who can partner cross-functionally across various teams, driving impactful outcomes and further securing our digital landscape.
Primary Duties
Lead the development, implementation, and ongoing maintenance of comprehensive security strategies and solutions.
Design and deploy advanced security controls to safeguards networks, systems, and applications.
Work across disciplines to shape our security services strategy and execution
Mentor and galvanize new engineers to do their best work
Set and uphold the standard for security processes to support high-quality engineering
Minimum Qualifications
BS/BTech (or higher) in Computer Science, Information Technology, Cybersecurity or a related field, 10 years security domain experience without degree
8+ years of experience in software or security engineering within Cloud Native environments
Preferred KSA’s
Experience architecting, developing, and deploying large-scale distributed systems at scale
Experience with cloud technologies, e.g., AWS, Azure, GCP
Experience building continuous integration and continuous development (CI/CD) pipelines
Strong familiarity with server-side web technologies (eg: Java, Python, Scala, C#, C++, Go)
4+ years of experience acting as a trusted technical decision-maker in a team setting, solving for short-term and long-term business value
Experience with health-tech systems, like Electronic Health Records, Clinical data, etc.

Domain Specific Experience
Dev Security Ops
Led security architecture reviews for enterprise-scale systems including microservices architectures, data platforms (Databricks, Snowflake), and cloud-native applications, identifying and mitigating security risks before implementation.
Established Infrastructure Security as Code practices including automated security policy enforcement, drift detection, and infrastructure vulnerability scanning integrated into Pulumi deployment workflows
Established security review processes and governance frameworks with standardized security requirements, risk assessment methodologies, and security architecture decision records (ADRs) integrated into SDLC workflows
Developed security automation and tooling documentation including security scanner integration guides, vulnerability management procedures, and security monitoring runbooks for DevSecOps teams
Collaborated with platform and infrastructure teams to design secure CI/CD pipelines, container security strategies, and Kubernetes security policies with automated compliance validation and reporting
Physical Requirements
Sitting for prolonged periods of time. Extensive use of computers and keyboard. Occasional walking and lifting may be required.