Join us as we work to create a thriving ecosystem that delivers accessible, high-quality, and sustainable healthcare for all.
We're seeking a Platform Security Engineer to join our Security team and build the future of developer-centric security at athenahealth. You'll design and implement security platforms that integrate seamlessly into developer workflows, creating automation, frameworks, and self-service tooling that enable engineering teams to ship secure code faster. Your mission: eliminate security friction while strengthening our DevSecOps posture across the organization.
What we need for this role:
You are a platform security engineer who builds security solutions that integrate seamlessly into developer workflows. You identify friction points in the development process and create automation, frameworks, and self-service tooling that enable teams to ship secure code faster. With strong software engineering skills and security expertise, you design scalable platforms that balance security requirements with development usability. You have experience with API integration, CI/CD security, and translating complex security concepts. You measure success through adoption rates and reduced friction, and you communicate effectively across technical and business audiences to drive security outcomes without compromising productivity.
Responsibilities may include, but are not limited to:
Technical Responsibilities
· Design and build security capabilities that provide self-service features for developers, including security testing APIs, automated policy enforcement, and security-as-code solutions
· Develop seamless integrations between security tools and developer workflows, ensuring security checks are embedded in CI/CD pipelines, IDEs, pull request workflows, and deployment processes
· Champion security tools such as static code analysis, dynamic code analysis, scanning of sensitive information; ensure teams know about tooling and use it during their daily coding activities
· Ability to debug complex problems, work through logs, and engage vendors where appropriate
· Willingness and ability to develop strong documentation for stakeholders and team members, including thoroughly commented code/scripts and accurate design specifications
· Automate integrations and notifications with systems such as internal bug tracking systems to ensure results are documented and shared with necessary stakeholders
· Ensure tooling is designed for high availability and redundancy.
· Act as an escalation point and participate in on-call rotations where required.
· Understand and follow coding conventions, architectures, and best practices
· Perform peer code reviews to ensure quality standards
Collaboration and Leadership
· Ownership of commitments, take responsibility for outcomes, and drive initiatives to completion
· Participate and contribute to scrum meetings i.e. daily stand-up, sprint planning, readouts and retrospectives
· Drive self-organization; help determine how the team functions in collaboration with your peers
· Partner with Product to establish feedback mechanisms to understand pain points, gather requirements, and validate that security solutions are meeting their needs without creating bottlenecks
· Work collaboratively across the Technology and Product organizations to ensure alignment towards business goals
· Builds strong relationships with cross-functional team members
· Share business and technical learnings with the broader engineering and product organization, while adapting approach for different audiences
Education & Experience Required:
· 10-15 years of software engineering experience with a focus on security tooling, automation, or platform development
· Bachelor's degree in Computer Science, Engineering, or equivalent practical experience
· Information Security expertise including application security, secure development lifecycle, threat modeling, vulnerability management, and risk assessment
· Modern programming proficiency in languages such as Python, Java, Groovy, JavaScript, or similar (polyglot experience preferred)
Desired Qualifications:
· CI/CD and DevSecOps experience including pipeline security, container security (Docker/Kubernetes), and infrastructure as code (Terraform)
· Security tooling experience with SAST, DAST, SCA, CNAPP, or similar application security platforms
· Cloud architecture knowledge with AWS and/or Azure, including cloud-native security patterns
· Container management experience with Docker and Kubernetes
· Agile development experience working in cross-functional teams
· Authored production-quality code that is performant, scalable, maintainable, and well-documented
About athenahealth
Our vision: In an industry that becomes more complex by the day, we stand for simplicity. We offer IT solutions and expert services that eliminate the daily hurdles preventing healthcare providers from focusing entirely on their patients — powered by our vision to create a thriving ecosystem that delivers accessible, high-quality, and sustainable healthcare for all.
Our company culture: Our talented employees — or athenistas, as we call ourselves — spark the innovation and passion needed to accomplish our vision. We are a diverse group of dreamers and do-ers with unique knowledge, expertise, backgrounds, and perspectives. We unite as mission-driven problem-solvers with a deep desire to achieve our vision and make our time here count. Our award-winning culture is built around shared values of inclusiveness, accountability, and support.
Our DEI commitment: Our vision of accessible, high-quality, and sustainable healthcare for all requires addressing the inequities that stand in the way. That's one reason we prioritize diversity, equity, and inclusion in every aspect of our business, from attracting and sustaining a diverse workforce to maintaining an inclusive environment for athenistas, our partners, customers and the communities where we work and serve.
What we can do for you:
Along with health and financial benefits, athenistas enjoy perks specific to each location, including commuter support, employee assistance programs, tuition assistance, employee resource groups, and collaborative workspaces — some offices even welcome dogs.
We also encourage a better work-life balance for athenistas with our flexibility. While we know in-office collaboration is critical to our vision, we recognize that not all work needs to be done within an office environment, full-time. With consistent communication and digital collaboration tools, athenahealth enables employees to find a balance that feels fulfilling and productive for each individual situation.
In addition to our traditional benefits and perks, we sponsor events throughout the year, including book clubs, external speakers, and hackathons. We provide athenistas with a company culture based on learning, the support of an engaged team, and an inclusive environment where all employees are valued.
Learn more about our culture and benefits here: athenahealth.com/careers