Design, implement, and maintain application security controls across Arcadia’s cloud-native SaaS platform
Partner with Product and Engineering teams to embed security into system design, development workflows, and CI/CD pipelines
Conduct threat modeling, architecture reviews, and secure design assessments for new and existing services
Own and improve vulnerability management processes, including identification, prioritization, and remediation tracking
Implement and maintain security tooling such as SAST, DAST, dependency scanning, container scanning, and secrets detection
Participate in security incident response activities including detection, investigation, containment, and remediation
Monitor and analyze logs, alerts, and security events to identify suspicious activity and emerging threats
Contribute to detection engineering by tuning alerts, improving signal quality, and reducing noise
Support threat intelligence analysis and apply insights to improve preventive and detective controls
Perform post-incident analysis and recommend technical and process improvements
Build security-as-code solutions to automate control enforcement, validation, and remediation
Use scripting and automation to reduce manual effort and improve consistency
Support secure AWS architecture using services such as EKS, ECS, Lambda, IAM, and VPC
Contribute to identity and access management best practices across AWS, Okta/Auth0, and SaaS platforms
Translate compliance requirements (e.g., SOC 2, ISO 27001, HITRUST, HIPAA) into practical technical controls
Partner with Security Assurance to support audits, evidence collection, and continuous control monitoring
Help identify and remediate security risks discovered through assessments, audits, or incidents

Requirements

6+ years of experience in application security, cloud security, or security engineering roles
Strong hands-on experience securing cloud-native, SaaS-based environments (AWS required)
Solid understanding of:
- Application security principles and common vulnerabilities (OWASP Top 10)
- Secure software development practices and CI/CD integration
- Cloud security architecture and IAM
- Incident detection and response fundamentals
Experience with security tools such as SIEM, SAST/DAST, EDR, vulnerability scanners, and cloud security platforms
Ability to script and automate security workflows using Python, Bash, or similar languages
Strong analytical skills and the ability to clearly communicate security risks and recommendations.

Benefits

A senior, high-impact security engineering role in a mission-driven healthcare company
The opportunity to work deeply hands-on with modern cloud and application security challenges
Be a part of a mission driven company that is transforming the healthcare industry by changing the way patients receive care
A flexible, remote friendly company with personality and heart
Employee driven programs and initiatives for personal and professional development
Become a member of the talented, energized, diverse and purpose-driven Arcadian Community

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

application securitycloud securitysecurity engineeringvulnerability managementthreat modelingsecure software developmentCI/CD integrationscriptingautomationincident detection and response

Soft Skills

analytical skillscommunication

Certifications

SOC 2ISO 27001HITRUSTHIPAA