contract-pen-iconManifesto
desk-coffee-computer-iconJobs
wrench-iconTools
globe-iconCommunity
smart-tv-iconMedia
muscle-iconContribute
key-iconLog in
Author
This is some text inside of a div block.
Last Updated
This is some text inside of a div block.
Editorial Transparency
This is some text inside of a div block.

Sr Project Manager, Patient & Practice Solutions

Senior Application Security Engineer - remote within EMEA

About the Role:

Own and scale our Application Security program. You'll set the strategy, embed security into every stage of the SDLC, and coach teams to raise our "secure by default" bar. This is a high-impact role for a senior engineer who's comfortable rolling up their sleeves, leading cross-functionally, implementing automations and measuring outcomes.

Your Daily Tasks Will Entail:

  • Own the AppSec strategy & roadmap by defining objectives, guardrails, and KPIs (e.g., vuln MTTR by severity, % coverage of SAST/DAST/SCA, secret-leak MTTR, etc.).
  • Build/maintain internal tools (including ML-assisted where useful) that make the secure path the easy path.
  • Lead threat modeling and architecture reviews; author/maintain secure coding guidelines for services/APIs, ensuring design-time security.
  • Own intake, triage, SLAs, retests, and report to security engineering leadership.
  • Conduct regular security assessments to identify vulnerabilities/risks in applications and software before they emerge.
  • Partner with product & compliance by mapping SDLC controls to frameworks, scoping engagements, contributing to IR playbooks/table-tops for application-layer incidents.

Your Qualifications:

  • 7+ years in application security / software engineering, and strong automation mindset and AppSec-related certifications is a plus.
  • Strong Python coding; ability to review TypeScript/JavaScript and PHP.
  • Depth in threat modeling, secure design patterns, authN/authZ (OAuth2/OIDC, JWT), crypto hygiene, API/web security.
  • Excellent communicator and influencer: i.e. able to drive healthy change across teams and balance risk, delivery, and developer experience.
  • Nice to have experience: GraphQL/mobile security, privacy-by-design, LLM application security (prompt injection, data leakage), container security, SOC 2/ISO 27001, SLSA.

What We Offer:

  • Non-boring cybersecurity work: real-world threats, high-signal problems, measurable impact.
  • Developer-first culture: time for threat modeling, champions program, and office hours.
  • Be part of a friendly, inclusive, and global team.
  • An opportunity to work remotely or in a modern and welcoming office in Rīga or Tallinn, or from our co-working space in Barcelona.
  • Health insurance.
  • 2 extra paid days off(either consecutively or separately) to focus on your mental or physical well-being.
  • 1 extra paid day offto celebrate a Birthday or any other celebration of your choice.
  • Flexible working hours (start your day as late as 11 a.m.).
  • Learning Budget to support your professional development.
  • Access to mentorship, internal meetups, and hackathons both on-site and online.
  • Exciting team-building events and parties you’ll never forget!
  • Free and healthy lunch when you work from the Rīga office.
  • Design and order your own merch using our platforms with employee discount.
  • Apple MacBook laptop as your standard work equipment.

We are an equal-opportunity workplace. We’re committed to diversity and inclusion and make hiring decisions based solely on qualifications, merit, and work experience.

About Aledade

A healthcare technology company that partners with independent physician practices to provide value-based care solutions and improve patient outcomes.
Apply Now
By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
PreferencesDenyAccept