Application Security Engineer

San Francisco, CA, United States

Applications have closed
Alto Pharmacy logo
Alto Pharmacy

Posted 4 months ago

Alto is a modern pharmacy changing the way people manage and fill their prescriptions with a tech-driven, patient-centric, online pharmacy. Alto provides same-day, free delivery, seven days a week for prescriptions. More importantly, Alto offers cost transparency, personalized mobile support, and real-time coordination with doctors and insurance companies. Our mission is to fulfill medicine’s true purpose - to improve the quality of life for everyone who needs it.    

We recently raised our Series C, surpassed 300 employees across four locations, and are on track to achieve $600M ARR by the end of 2020. Start-up tracker, CB Insights, recently listed Alto as one of the top 50 private companies around the world on a path to a $1 billion valuation. Alto is also featured in The New York Times (2/19) article “These 50 Start-Ups Maybe the Next “Unicorns’.“

Alto’s security program is focused on protecting patient’s security and privacy while enabling our business to operate and grow. We support the product and engineering team as they build a secure platform for our patients, providers and employees. We also work directly with our pharmacy and operations teams to ensure that they can care for our patients securely and efficiently. We work closely with our pharmacy compliance team to ensure that we always respect our patients’ privacy.

We are looking for engineers to join our team to focus on building secure software. You will support a growing engineering team and ensure they have the tools and knowledge to build products that protect our patients. 


  • Team up with our product team to ensure we have a secure development lifecycle.
  • Identify security and privacy requirements early in the product development process.
  • Develop tools and processes that help product engineers write secure code efficiently.
  • Integrate security tools and processes into our development process and architecture to continuously identify vulnerabilities.
  • Educate engineers on secure coding practices.
  • Research current threats, vulnerabilities and exploits to understand the implications for our products and systems.
  • Manage 3rd party assessments, bug-bounties and external vulnerability reports and communicate risks to stakeholders.

You are an ideal candidate if you:

  • Have 2+ years experience in a role focused on software/application security.
  • Are experienced with modern web and mobile development frameworks and languages. We use Ruby, Rails, Go, React, React and Javascript in our products.
  • Are familiar with cloud development environments, such as AWS.
  • Focused on ensuring patient privacy and security across our codebase.
  • Communicate effectively about technical and non-technical topics with a diverse team. 
  • Thrive in a dynamic fast-paced environment where need to consider competing interests, and make decisions quickly and independently. 
  • Believe in Alto’s mission and embodies our company values.


  • Have worked in a healthcare environment and familiar with HIPAA and other regulatory requirements.
  • Relevant security certifications.

Alto Pharmacy is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis.

Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. We are an E-Verify company.

Job tags: Architecture AWS C Go JavaScript Ruby Vulnerabilities