Senior Application Security Engineer

Senior Application Security Engineer

Alma is seeking a mission-driven Senior Application Security Engineer to join our team. We are dedicated to building secure and compliant tools and services which help mental healthcare providers more easily manage and grow their practice. In this role, you will help validate that our services, applications and web technologies are designed and implemented in a way that meets Alma’s security standards. You will help analyze, discover, and address security issues across our technical platform.

On this scaling team, you will have a strong hand in defining how Alma's engineering team approaches application security in the software development process. The ideal person for this role loves to work with other teams to design and build amazing security controls and automation.

What you’ll do:

• Create, manage, and maintain the application security strategy and roadmap, tracking OKRs and work efforts over six quarters.
• Comfortable and excited to lead the application security domain, including managing and maintaining existing tools, executing domain strategies, and owning all aspects of application security.
• Develop, execute, and track the performance of security measures to protect Alma’s data, applications, and systems.
• Gain a deep understanding of Alma’s systems and architecture and the software development processes used to develop it.
• Provide subject matter expertise in the areas of secure coding, application authentication, encryption, AI, and quickly research and become competent in other areas as needed.
• Collaborate with teammates, PMs, and peers to design, develop and implement engineering’s technical security strategy and architecture.
• Collaborate with the Platform Infrastructure team to configure, troubleshoot, and maintain a security infrastructure that monitors and protects against security breaches and intrusions.
• Collaborate with the Developer Experience team to integrate security tools, workflows, and practices into development environments.
• Continually research current and emerging security threats and technologies, proposing changes and guidance that are most impactful.
• Develop appropriate technical solutions along with the latest security tools that help mitigate security vulnerabilities and also help automate repeatable activities.
• Build and provide high-quality application security documentation and training to engineers to set them up for success.
• Educate and provide guidance to engineers on secure coding practices.