Athenahealth - Lead Member of Technical Staff - Information Security

athenaHealth Technology Private Limited.

Bangalore

10 - 12 Years

411+ Reviews

Security Cyber Security DevSecOps CI/CD Threat Modeling Vulnerability Management Python Applications Security Information Security

Posted on: 17/11/2025

Job Description

Description :

Join us as we work to create a thriving ecosystem that delivers accessible, high-quality, and sustainable healthcare for all.

We're seeking a Platform Security Engineer to join our Security team and build the future of developer-centric security at athenahealth.

You'll design and implement security platforms that integrate seamlessly into developer workflows, creating automation, frameworks, and self-service tooling that enable engineering teams to ship secure code faster.

Your mission : eliminate security friction while strengthening our DevSecOps posture across the organization.

What We Need For This Role :

- You are a platform security engineer who builds security solutions that integrate seamlessly into developer workflows.

- You identify friction points in the development process and create automation, frameworks, and self-service tooling that enable teams to ship secure code faster.

- With strong software engineering skills and security expertise, you design scalable platforms that balance security requirements with development usability.

- You have experience with API integration, CI/CD security, and translating complex security concepts.

- You measure success through adoption rates and reduced friction, and you communicate effectively across technical and business audiences to drive security outcomes without compromising productivity.

Technical Responsibilities :

Responsibilities may include, but are not limited to :

- Design and build security capabilities that provide self-service features for developers, including security testing APIs, automated policy enforcement, and security-as-code solutions.

- Develop seamless integrations between security tools and developer workflows, ensuring security checks are embedded in CI/CD pipelines, IDEs, pull request workflows, and deployment processes.

- Champion security tools such as static code analysis, dynamic code analysis, scanning of sensitive information; ensure teams know about tooling and use it during their daily coding activities.

- Ability to debug complex problems, work through logs, and engage vendors where appropriate.

- Willingness and ability to develop strong documentation for stakeholders and team members, including thoroughly commented code/scripts and accurate design specifications.

- Automate integrations and notifications with systems such as internal bug tracking systems to ensure results are documented and shared with necessary stakeholders.

- Ensure tooling is designed for high availability and redundancy.

- Act as an escalation point and participate in on-call rotations where required.

- Understand and follow coding conventions, architectures, and best practices.

- Perform peer code reviews to ensure quality standards.

Collaboration and Leadership :

- Ownership of commitments, take responsibility for outcomes, and drive initiatives to completion.

- Participate and contribute to scrum meetings i.

daily stand-up, sprint planning, readouts and retrospectives.

- Drive self-organization; help determine how the team functions in collaboration with your peers.

- Partner with Product to establish feedback mechanisms to understand pain points, gather requirements, and validate that security solutions are meeting their needs without creating bottlenecks.

- Work collaboratively across the Technology and Product organizations to ensure alignment towards business goals.

- Builds strong relationships with cross-functional team members.

- Share business and technical learnings with the broader engineering and product organization, while adapting approach for different audiences.

Education & Experience Required :

- 10 to 15 years of software engineering experience with a focus on security tooling, automation, or platform development.

- Bachelor's degree in Computer Science, Engineering, or equivalent practical experience.

- Information Security expertise including application security, secure development lifecycle, threat modeling, vulnerability management, and risk assessment.

- Modern programming proficiency in languages such as Python, Java, Groovy, JavaScript, or similar (polyglot experience preferred).

Desired Qualifications :

- CI/CD and DevSecOps experience including pipeline security, container security (Docker/Kubernetes), and infrastructure as code (Terraform).

- Security tooling experience with SAST, DAST, SCA, CNAPP, or similar application security platforms.

- Cloud architecture knowledge with AWS and/or Azure, including cloud-native security patterns.

- Container management experience with Docker and Kubernetes.

- Agile development experience working in cross-functional teams.

- Authored production-quality code that is performant, scalable, maintainable, and well-documented.