Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: InfoSec Jobs InfoSec Jobs

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This listing has expired and therefore is not publicly viewable.

Sr. Application Security Engineer
Company Alignment Healthcare
Location Orange, CA
Preferred GIAC Certifications GWAPT, GSSP, GWEB, GXPN
Travel 0%
Salary Commensurate with Experience
Contact Name Michelle Cortez
Contact Email mcortez/at/
Expires 2020-01-01

Job Description

Senior Application Security Engineer
Location: Orange, California US
Job Number: 1754

Alignment Healthcare is a data and technology driven healthcare company focused partnering with health systems, health plans and provider groups to provide care delivery that is preventative, convenient, coordinated, and that results in improved clinical outcomes for seniors.

We are experiencing rapid growth (backed by top private equity firms), our team is looking for the best and brightest individuals. We love our customers and understanding them better makes it possible to provide the best clinical outcome and care experience.

If you like to hunt vulnerabilities, build secure coding methods and secure apps, then our Sr. Application Security Engineer might be for you. Work as part of development teams to identify threats and risks, vulnerabilities and attack vectors, and work with security and engineering to develop ways to test, mitigate and prevent.

This is a security role where you can take ownership in the overall direction of the security of our Healthcare app platform, including mobile and cloud-based data sciences. This role is key to securing people’s healthcare and personal information. It is not just about finding and fixing security bugs, it’s more about driving the direction of modern, secure healthcare.

Major Responsibilities

- Threat modeling application features and production environments.
- Break applications and prevent them from being broken.
- Security testing (black-box, gray-box) and code review of cloud and mobile products, APIs, internal automation, AUTH, and internal - applications.
- Definition of AppSec policies, procedures and reporting metrics.
- Participate in incident handling and response.
- Security partnership with data, development, security and engineering teams.
- Security research, presentations, publications, and security industry collaboration.
- Guidance and architecture oversight, design reviews, and security feature roadmap collaboration.


- Experience with agile software development processes and methodologies.
- Working knowledge of source code repositories.
- Experience developing, deploying, and securing applications in Azure or AWS.
- Experience working with a variety of development tools, languages, and environments, including .NET/Core, MVC, REST API, C#, SPA, - JavaScript and common frameworks (Angular, React, etc.)
- Experience with Azure or AWS Development and CI/CD tooling (Visual Studio, Azure DevOps)
- Deep working knowledge of modern authentication and authorization protocols (OAuth, OpenID Connect, SAML)
- Experience with DAST, SAST, and IAST solutions, including static analysis tools for C# and JavaScript.
- Knowledge of real world, applied crypto techniques
- Experience identifying, triaging, and remediating application vulnerabilities including the OWASP Top 10 and CWE/SANS Top 25


- S. / M.S. in Computer Science, Electrical Engineering and/or 5+ years of related experience.
- GWAPT, GSSP-JAVA, GSSP-.NET, GWEB, GXPN, and/or related experience.


- Penetration and/or Red Teaming testing experience
- Production network security experience
- MS SQL Server security best practice for app devs - IaaS, PaaS

Alignment Healthcare, LLC is proud to practice Equal Employment Opportunity and Affirmative Action. We are looking for diversity in qualified candidates for employment: Minority/Female/Disable/Protected Veteran.

If you require any reasonable accommodation under the Americans with Disabilities Act (ADA) in completing the online application, interviewing, completing any pre-employment testing or otherwise participating in the employee selection process, please contact