Senior Security Engineer (Platform Security)

Grow your career internally or refer a friend to athenahealth!

Position Summary: We are looking for a Senior Security Engineer (Platform Security) to join the athenahealth team in Bangalore. This role focuses on strengthening platform and application security capabilities by improving the adoption of security automation, orchestration, and Security Development Lifecycle (SDL) practices across the organization. The ideal candidate will collaborate closely with scrum teams, product managers, security architects, Dev

Ops, and engineering leadership to design and implement secure development practices and scalable security solutions. This role requires strong expertise in application security, cloud security, secure architecture, and modern security tooling.

About the Team: The Platform Security team at athenahealth works on solving complex application and platform security challenges at scale. The team partners with engineering, infrastructure, and security stakeholders to improve secure development practices, strengthen cloud and application security posture, and enable scalable protection across enterprise systems. Team members leverage deep technical expertise, collaboration, and innovation to support healthcare technology solutions that help medical professionals focus on patient care.

Essential Job Responsibilities:

• Drive the adoption and execution of Security Development Lifecycle (SDL) and application security best practices across R&D teams

• Contribute to enterprise security standards, patterns, and secure implementation frameworks for product development

• Partner with Information Security teams to deploy and manage applications across public cloud platforms including AWS, Azure, and GCP

• Integrate and optimize application security tools such as CNAPP, SCA, and API security testing into development pipelines

• Evaluate, implement, and enhance GenAI security controls across enterprise environments

• Identify architectural and feature-level security weaknesses and recommend mitigation strategies

• Collaborate with Dev

Ops, Platform, Infrastructure, and security leadership teams to build and maintain security-hardened technology stacks

Additional Job Responsibilities:

• Track, prioritize, and support remediation of security vulnerabilities and open risks

• Document and automate protection coverage for common attack patterns and abuse cases

• Support secure software design reviews and threat modeling activities

• Promote secure coding practices and security awareness across engineering teams

• Assist in implementing scalable security automation and orchestration initiatives

• Participate in enterprise security reviews, audits, and compliance alignment activities

• Contribute to continuous improvements in platform, cloud, and application security operations

Expected Education & Experience:

• Bachelor’s degree in Computer Science, Computer Engineering, Cybersecurity, or related field; equivalent experience considered

• Minimum 5 years of software development experience with 3–5 years in security-focused engineering or application security roles

• Strong knowledge of programming languages such as Java, Java

Script (Node.js), C#, Perl, or Python with ability to identify security vulnerabilities in code

• Experience with cloud platforms including Amazon Web Services, Microsoft Azure, and Google Cloud Platform

• Hands-on experience with containerization technologies such as Docker and Infrastructure as Code tools like Terraform or Cloud

Formation

• Knowledge of modern security technologies and protocols including OAuth, SAML, Kubernetes, REST APIs, Service Bus architectures, and JSON

• Familiarity with healthcare and security compliance standards such as HIPAA, HITRUST, and PCI-DSS preferred

Have you notified your current manager of your application?