Job Description
About the Role
Title:
Sr. Application Security Architect
Location:
USA Remote
Salary Range:
$120,000.00 - $165,000.00 Salary/year
Position Type:
Full Time
Job Description:
HealthStream is the leader in healthcare workforce solutions. We help organizations work better by helping their people work smarter.
HealthStream provides the leading learning, clinical development, credentialing, and scheduling applications delivered on healthcare’s #1 platform. We streamline everyday tasks while improving performance, engagement, and safety – fostering a workplace where people flourish, and care thrives.
Why Join Us
At HealthStream, you’ll have the opportunity to make a meaningful impact on the future of healthcare by collaborating with a team of talented professionals dedicated to innovation and excellence. We offer competitive compensation, comprehensive benefits, and a supportive work environment where creativity and collaboration thrive.
Our shared vision is to enhance the quality of healthcare by empowering the people who deliver care – a commitment we have upheld for over 30 years through providing innovative solutions and driving constant growth. Join us in revolutionizing the healthcare industry and shaping the future of patient care. As a HealthStreamer, you will be at the forefront of healthcare technology innovation, making a recurring impact on the industry.
We’re proud of our values-forward culture that offers our people:
Mission-oriented work
Diverse and inclusive culture
Competitive Compensation & Bonuses
Comprehensive Insurance Plans
Mental and Physical Health Support
Work-from-home flexibility
Fitness Center Reimbursements
Streaming Good time off for volunteering
Wellness workshops
Buddy Program for new HealthStreamers
Collaborative work environment
Career growth opportunities
Continuous learning opportunities
Inspiring workspaces to collaborate and connect with other HealthStreamers
Free employee parking at our Resource Centers in Nashville and San Diego
At HealthStream, our thriving culture encourages collaboration and values contributions, allowing our team members to continuously solve big problems and grow. We offer flexibility and paid time off to support work-life integration for all employees, including a hybrid work environment and Streaming Good volunteer day. For team members in commutable distance, HealthStream has Resource Centers in Nashville, TN and San Diego, CA. Our resource centers provide an inspiring workspace to collaborate and recharge as well as company-sponsored onsite social events for development, connection, and celebration.
We are committed to driving innovation in healthcare and ensuring that patients receive competent care from qualified professionals. As a HealthStream team member, you will help bring this vision to life. If you want to work for a company committed to its values and vision, HealthStream is the place for you!
HealthStream is an equal opportunity employer. HealthStream prohibits employment practices that discriminate against individual employees or groups of employees on the basis of age, color, disability, national origin, race, religion, sex, sexual orientation, pregnancy, veteran or military status, genetic information or any other category deemed protected by state and/or federal law.
Position Overview
The Senior Application Security Architect is responsible for leading and overseeing the comprehensive application security program at an organizational level. This role requires expertise in designing, implementing, and continuously improving secure development practices within application frameworks. The Senior Application Security Architect will partner with multiple teams, including DevOps, Engineering, and Architecture, to ensure the integration of security principles into all stages of the software development lifecycle. This position will also focus on formalizing security strategies, ensuring scalability, and enhancing organizational resilience against security threats.
Key Responsibilities
You will be responsible for adhering to all HealthStream security policies, procedures, and assigned training.
Lead the design, implementation, and continuous improvement of secure web development practices across the organization.
Establish formal processes and frameworks to manage application security, including threat modeling, code reviews, and vulnerability assessments.
Manage and enhance automated security tools, such as Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Interactive Application Security Testing (IAST).
Produce detailed reports on application vulnerabilities and collaborate with development teams to propose mitigation strategies.
Build, maintain, and enforce security policies, procedures, and standards within the application development lifecycle.
Collaborate with cross-functional teams to incorporate security into CI/CD pipelines and secure DevOps processes.
Evaluate new security tools and technologies, operationalize them into the existing infrastructure, and integrate with development and deployment workflows.
Stay current on emerging security threats and vulnerabilities, advising on proactive solutions.
Conduct architectural reviews focused on security principles and guide teams in secure coding practices.
Develop and maintain a secure code library, providing reusable code snippets and cryptographic solutions.
Lead the adoption and integration of security in cloud environments, including AWS and Azure platforms.
Drive continuous improvement of the organization’s security maturity using frameworks such as OWASP SAMM.
Qualifications
Requirements
Bachelor’s degree in Information Security, Computer Science, or a related field.
Minimum of 10 years of experience in application development, information security, and web application security.
Extensive experience in application security testing and penetration testing across various platforms.
Proficiency in implementing and managing security testing tools (SAST, DAST, IAST) and integrating them into DevSecOps pipelines.
Programming expertise in languages such as JavaScript, React, Java, Python, Go, or C/C++.
Hands-on experience with securing cloud-based solutions (AWS, Azure).
Strong understanding of OWASP principles and secure software development practices.
Experience in Agile and CI/CD pipeline development, with a focus on integrating security into the process.
Experience securing APIs.
Proficient in secure application design on a variety of platforms.
Experience managing DAST tooling.
Experience managing SAST tooling.
Proven ability to convert manual security processes into automated, scalable workflows.
Subject matter expertise in secure software design, architecture, and threat modeling.
Familiarity with industry-standard security frameworks such as OWASP SAMM.
Experience in securing open-source code and contributing to the secure deployment of enterprise-level applications.
Experience with secure methods of integration with other platforms.
Familiar with the trends in artificial intelligence.
Experience using application security tools like Snyk, Invicti and DefectDojo.
Qualifications
Strong leadership and project management skills, with experience in driving security initiatives across multiple teams.
Excellent written and verbal communication skills, with the ability to explain complex security concepts to both technical and non-technical audiences.
Ability to conduct source code reviews and deliver security education to development teams.
Committed to quality and its continuous improvement.
Solves problems proactively.
Committed to learning better and more efficient ways to accomplish tasks.
Excellent Communication Skills
Compensation:
The salary range for this position is $152,171 - $165,000. Salary will be determined based on the candidate’s level of experience and qualifications. Compensation will be commensurate with skills, relevant experience, and performance in similar roles.
Benefits
HealthStream offers a comprehensive benefits package to eligible employees, including:
Medical, Dental and Vision insurance
Paid Time Off
Parental Leave
401k and Roth
Flexible Spending Account
Health Savings Account
Life Insurance
Short- and Long-Term Disability
Medical Bridge Insurance
Critical Illness Insurance
Accident Insurance
Identity Protection
Legal Protection
Pet Insurance
Employee Assistance Program
Fitness Reimbursement
Are you passionate about enhancing healthcare outcomes and empowering healthcare professionals? Join the HealthStream team and become a HealthStreamer! Together, we can make a difference in the world of healthcare.
Req #43985