Apply on Employer Site

Aya Healthcare · 7 hours ago

Sr. Security Engineer (Security Program Delivery)

United States

Full-time

Remote

Senior Level, Lead/Staff

$170K/yr - $190K/yr

8+ years exp

Aya Healthcare is a rapidly growing workforce solutions provider in the healthcare industry. They are seeking a hands-on Senior Security Engineer to drive the design, delivery, and maturation of security capabilities across various infrastructures and applications, while ensuring compliance with international standards.

Health CareHospitalityTravel

Growth Opportunities

H1B Sponsor Likely

Responsibilities

Lead the design, planning, and delivery of security projects spanning cloud infrastructure (primarily Azure), web application security, secure coding practices, application code reviews, GenAI/Agentic AI security controls, and security for global, multi-region/diverse infrastructure

Coordinate closely with engineering, architecture, DevOps, product, and international teams to define requirements, align dependencies, and drive risk reduction through mature security practices

Perform hands-on implementation, automation, and maintenance of security solutions, including vulnerability management, policy-as-code, automated remediation workflows, secure-by-design frameworks, web application firewalls, code scanning, and runtime protection

Provide technical coordination on securing web applications (e.g., OWASP Top 10 mitigation, secure headers, input validation), application code (secure coding standards, SAST/DAST/IAST integration), threat modeling (e.g., STRIDE), SDLC security integration, and compliance with SOC 2, ISO 27001, and UK GDPR requirements

Ensure security controls and processes support global operations, including data sovereignty, cross-border data flows, and regional regulatory variations under UK GDPR

Socialize security best practices, facilitate knowledge transfer, and build collaborative relationships to embed security throughout the development and deployment lifecycle

Drive full solution delivery and implementation of tools that enable secure development, web application protection, and operational security at scale

Balance multiple priorities, overcome obstacles, and maintain structured delivery in a fast-paced, globally distributed environment

Qualification

Microsoft AzureContainer securityApplication securityTechnical project deliveryInfrastructure-as-codeSecure development practicesWeb application securityAnalytical skillsPrioritization abilitiesInfluencing skillsCommunicationProblem-solvingRelationship-building

Required

8+ years in systems/security engineering, application security, web application security, or software security, with combined experience in software development and security practices

5+ years hands-on with Microsoft Azure (IaaS/PaaS, Entra ID, networking, AKS, App Services, policy, etc.)

Strong expertise in container security (Docker, Kubernetes/AKS), infrastructure-as-code (Terraform required; ARM, Azure CLI, PowerShell preferred), and web application security tools/techniques

Broad exposure across infrastructure, web applications, application code, and AI/ML security; subject-matter expertise in at least 1–2 areas (e.g., cloud platform security, secure SDLC, web app protection, or GenAI/agentic AI controls)

Proven track record in technical project delivery: solution design, implementation planning, requirements gathering, dependency management, stakeholder alignment, and operational execution in global environments

Experience with secure development practices (OWASP, threat modeling, SAMM/BSIMM, Agile SDLC), application code security (SAST/DAST, secure coding reviews), and modern tooling/workflows (GitHub Actions, CI/CD security)

Excellent communication, relationship-building, and influencing skills; able to translate technical risk into business context for diverse global stakeholders

Self-starter with strong analytical, problem-solving, and prioritization abilities

Preferred

Relevant certifications (Azure Security Engineer, CISSP, CSSLP, CISM, etc.)

Experience building or supporting Security Champions programs

Hands-on experience with multi-cloud or hybrid environments supporting global infrastructure

Benefits

Free premium medical, dental, life and vision insurance

Generous 401(k) match

Aya also offers other benefits to those that are eligible and where required by applicable law, including reimbursements and discretionary bonuses

Aya provides paid sick leave in accordance with all applicable state, federal, and local laws. Aya’s general sick leave policy is that employees accrue one hour of paid sick leave for every 30 hours worked. However, to the extent any provisions of the statement above conflict with any applicable paid sick leave laws, the applicable paid sick leave laws are controlling

Celebrations! We hit our goals and reward ourselves.

Company-sponsored virtual events, happy hours and team-building activities are always on the horizon — plus, you get a special treat on your birthday!

Unlimited DTO — we believe in time off!

Virtual yoga, meditation or boot camp classes offered daily

Company

Aya Healthcare

Glassdoor4.1

Aya Healthcare is a provider of workforce optimization solutions for healthcare.

Founded in 2001

San Diego, California, USA

5001-10000 employees

https://www.ayahealthcare.com

H1B Sponsorship

Aya Healthcare has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2025 (3)

2024 (1)

2023 (2)

2022 (6)

2021 (1)

2020 (2)