Opportunities at ASG Companies

We believe in putting people first and that talent is based on what you can do, not what you've done. Together, we're building and growing market leading SaaS businesses - and we're having a great time doing it. Join us.
32
companies
46
Jobs

Application Security Engineer

Radicle Health

Radicle Health

Austin, TX, USA
Posted on Monday, January 15, 2024
Radicle Health acquires, invests, and operates mission critical human services software (SaaS) companies. We believe that human services agencies and the people they serve deserve functional, modern, and easy-to-use software. And we believe we're the ones to build it. Radicle Health is backed by Alpine Software Group (ASG), a leading private equity investor in vertical SaaS businesses.

Job Description:

The Application Security Engineer reports to the Sr Director of Security and works directly with the software development and production operations teams building and maintaining our 11 SaaS platforms across Radicle Health. This role requires a hands-on technical engineer to architect software security tooling and integrate security in the software development process.

Key Responsibilities:

  • Lead initiatives and projects to support and enhance security in our application development processes.
  • Bring your ideas forward, evaluating how to optimize the tools we're using and exploring technologies to enhance our security posture and support scalability.
  • Conduct internal penetration testing and code reviews.
  • Create, update, and maintain threat models for a wide variety of software projects.
  • Work closely with software developers to advise on secure coding practices, establish a proactive security posture, and promote continual process improvement.
  • Develop and lead projects to regularly analyze source code, pinpointing and supporting remediation of potential vulnerabilities upon discovery.
  • Create communications representing the status of our security compliance projects and programs to provide stakeholder updates and obtain leadership support.
  • Support development of security training and guidance for internal software development teams.

6 Month Outcomes

  • Influence Software Development: Meet the Radicle software development teams and make a positive impact on how they address security.
  • Understand SDLC: Review documented development processes and understand how they are implemented for each team.
  • Define Target State: Identify security tools and integration points within development processes.

12 Month Outcomes

  • Penetration Testing: Conduct internal penetration tests for 3 products.
  • Stakeholder Support: Work with the Sr Director of Security to generate support for the plan.
  • Implementation: Deploy and operate identified security tools within 2 product development processes.

Experience:

  • 5-7 years of scripting and development experience, preferably supporting web applications.
  • Demonstrated excellent judgment in assessing and prioritizing technical risk.
  • Knowledge of security best practices and standards, such as OWASP ASVS, OWASP S-SDLC, and BSIMM.
  • Excellent communication skills with the ability to articulate complex security issues to technical and non-technical collaborators, with an inclusive mindset.
  • You work to identify and remove bottlenecks for your teammates, both in process and technology.
  • Familiarity with a wide variety of security tools, technologies, and methodologies.

The expected range of base pay for this position is $95,000 - $125,000. Salary ranges are dependent on a variety of factors, including qualifications, experience and geographic location. Range is not inclusive of bonus or benefits. More information about the salary range specific to your working location and other factors will be shared during the hiring process.

Radicle Health is an Equal Employment Opportunity employer that proudly pursues and hires a diverse workforce. Radicle Health does not make hiring or employment decisions on the basis of race, color, religion or religious belief, ethnic or national origin, nationality, sex, gender, gender-identity, sexual orientation, disability, age, military or veteran status, or any other basis protected by applicable local, state, or federal laws or prohibited by Company policy.