CommunityJobsAdviceEventsReviewsFor EmployersFor ClientsCoach Connect
CommunityJobsAdviceEvents
JOB SEARCH

Senior Engineer, Security (AppSec)

Arcadia

United States (Remote)

#a199fb75-2c92-4cce-822d-fdbf4bd1a8d6

Position summary

ponse, and threat mitigation efforts.

This is a senior individual contributor role for a highly technical security engineer who thrives in execution-heavy environments. You will collaborate closely with peers across the organization to embed security into the development lifecycle, strengthen detection and response capabilities, and reduce risk across Arcadia's SaaS platform in a highly regulated healthcare environment.

What Success Looks Like

In 3 months

  • Gain a deep understanding of Arcadia's application architecture, cloud environment, and security tooling

  • Begin contributing to application security reviews, threat modeling, and vulnerability remediation

  • Participate in active incident response and detection activities

  • Build strong working relationships with Engineering, Infrastructure, and Security Assurance teams

In 6 months

  • Independently own key application security controls and tooling

  • Improve vulnerability detection, remediation workflows, and secure-by-default engineering patterns

  • Contribute meaningfully to incident investigations, root cause analysis, and post-incident improvements

  • Help mature security automation and security-as-code practices

In 12 months

  • Be a trusted senior technical voice for application and cloud security

  • Demonstrate measurable improvements in application security posture, detection coverage, and response effectiveness

  • Help reduce security risk through improved design, automation, and operational discipline

What You'll Be Doing

  • Application & Cloud Security Engineering

  • Design, implement, and maintain application security controls across Arcadia's cloud-native SaaS platform

  • Partner with Product and Engineering teams to embed security into system design, development workflows, and CI/CD pipelines

  • Conduct threat modeling, architecture reviews, and secure design assessments for new and existing services

  • Own and improve vulnerability management processes, including identification, prioritization, and remediation tracking

  • Implement and maintain security tooling such as SAST, DAST, dependency scanning, container scanning, and secrets detection

  • Detection, Response & Threat Analysis

  • Participate in security incident response activities including detection, investigation, containment, and remediation

  • Monitor and analyze logs, alerts, and security events to identify suspicious activity and emerging threats

  • Contribute to detection engineering by tuning alerts, improving signal quality, and reducing noise

  • Support threat intelligence analysis and apply insights to improve preventive and detective controls

  • Perform post-incident analysis and recommend technical and process improvements

  • Security Automation & Engineering Excellence

  • Build security-as-code solutions to automate control enforcement, validation, and remediation

  • Use scripting and automation to reduce manual effort and improve consistency

  • Support secure AWS architecture using services such as EKS, ECS, Lambda, IAM, and VPC

  • Contribute to identity and access management best practices across AWS, Okta/Auth0, and SaaS platforms

  • Compliance & Risk Enablement

  • Translate compliance requirements (e.g., SOC 2, ISO 27001, HITRUST, HIPAA) into practical technical controls

  • Partner with Security Assurance to support audits, evidence collection, and continuous control monitoring

  • Help identify and remediate security risks discovered through assessments, audits, or incidents

What You'll Bring

  • 6+ years of experience in application security, cloud security, or security engineering roles

  • Strong hands-on experience securing cloud-native, SaaS-based environments (AWS required)

Solid understanding of:

  • Application security principles and common vulnerabilities (OWASP Top 10)

  • Secure software development practices and CI/CD integration

  • Cloud security architecture and IAM

  • Incident detection and response fundamentals

  • Experience with security tools such as SIEM, SAST/DAST, EDR, vulnerability scanners, and cloud security platforms

  • Ability to script and automate security workflows using Python, Bash, or similar languages

  • Strong analytical skills and the ability to clearly communicate security risks and recommendations

Would Love For You To Have

  • Experience in healthcare or other regulated industries

  • Familiarity with Kubernetes, container security, and modern DevSecOps tooling

  • Experience contributing to detection engineering or threat analysis efforts

  • Relevant certifications such as AWS Security Specialty, CISSP, CCSP, or GIAC certifications

What You'll Get

  • A senior, high-impact security engineering role in a mission-driven healthcare company

  • The opportunity to work deeply hands-on with modern cloud and application security challenges

  • Be a part of a mission driven company that is transforming the healthcare industry by changing the way patients receive care

  • A flexible, remote friendly company with personality and heart

  • Employee driven programs and initiatives for personal and professional development

  • Become a member of the talented, energized, diverse and purpose-driven Arcadian Community

$140,000 - $175,000 a year

About Arcadia

Arcadia.io helps innovative providers and payers across the country transform healthcare to reduce cost while improving patient health. We do this by aggregating large amounts of disparate data, applying algorithms to identify opportunities to provide better patient care, and making those opportunities actionable by physicians at the point of care in near-real time. We are passionate about helping our customers drive meaningful outcomes. We are growing fast and have emerged as a market leader in the highly competitive population health management software market and have been recognized by industry analysts KLAS, IDC, Forrester, and Chilmark for our leadership. For a better sense of our brand and products, please explore our website .

Protect Yourself

If you have concerns about the authenticity of a job offer or recruitment-related communication claiming to be from Arcadia, we encourage you to verify by contacting us directly at (781) 202-3600 and select option 3. For more information, visit our website .

This position is responsible for following all Security policies and procedures in order to protect all PHI under Arcadia's custodianship as well as Arcadia Intellectual Properties. For any security-specific roles, the responsibilities would be further defined by the hiring manager.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.