Security Engineer

Alto is a telehealth pharmacy focused on helping people live healthier by making the prescription experience easier, more supportive, and more affordable. We’re transforming a $500 billion industry by reinventing what a pharmacy can do, for both patients and providers—from hand-delivering medications for free to offering on-call help by text or chat. Over one million deliveries, over a thousand five-star Yelp reviews, and an NPS score of +86 later, we’re proud to say we’ve built a pharmacy that people truly love.

Alto’s security program is focused on protecting patient’s security and privacy while enabling our business to operate and grow. We support the product and engineering team as they build a secure platform for our patients, providers and employees. We also work directly with our pharmacy and operations teams to ensure that they can care for our patients securely and efficiently. We work closely with our pharmacy compliance team to ensure that we always respect our patients’ privacy.

We are looking for a security engineer to join our team to focus on building secure software. You will support a growing engineering team and ensure they have the tools and knowledge to build products that protect our patients. 

Responsibilities:

• Team up with our product team to ensure we have a secure development lifecycle.
• Identify security and privacy requirements early in the product development process.
• Develop tools and processes that help product engineers write secure code efficiently.
• Integrate security tools and processes into our development process and architecture to continuously identify vulnerabilities.
• Educate engineers on secure coding practices.
• Research current threats, vulnerabilities and exploits to understand the implications for our products and systems.
• Manage 3rd party assessments, bug-bounties and external vulnerability reports and communicate risks to stakeholders.

You are an ideal candidate if you:

• Have 2+ years experience in a role focused on software/application security.
• Are experienced with modern web and mobile development frameworks and languages. We use Ruby, Rails, Go, React, React and Javascript in our products.
• Are familiar with cloud development environments, such as AWS.
• Focused on ensuring patient privacy and security across our codebase.
• Communicate effectively about technical and non-technical topics with a diverse team. 
• Thrive in a dynamic fast-paced environment where you need to consider competing interests, and make decisions quickly and independently. 
• Believe in Alto’s mission and embodies our company values.

Bonus:

• Have worked in a healthcare environment and familiar with HIPAA and other regulatory requirements.
• Relevant security certifications.

Alto Pharmacy is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis. 

Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. We are an E-Verify company.