Description

Company Overview

HealthStream is the leader in healthcare workforce solutions. We help organizations work better by helping their people work smarter.

HealthStream provides the leading learning, clinical development, credentialing, and scheduling applications delivered on healthcare’s #1 platform. We streamline everyday tasks while improving performance, engagement, and safety – fostering a workplace where people flourish, and care thrives.

Why Join Us

At HealthStream, you’ll have the opportunity to make a meaningful impact on the future of healthcare by collaborating with a team of talented professionals dedicated to innovation and excellence. We offer competitive compensation, comprehensive benefits, and a supportive work environment where creativity and collaboration thrive.

Our shared vision is to enhance the quality of healthcare by empowering the people who deliver care – a commitment we have upheld for over 30 years through providing innovative solutions and driving constant growth. Join us in revolutionizing the healthcare industry and shaping the future of patient care. As a HealthStreamer, you will be at the forefront of healthcare technology innovation, making a recurring impact on the industry.

We’re proud of our values-forward culture that offers our people:

• Mission-oriented work
• Diverse and inclusive culture
• Competitive Compensation & Bonuses
• Comprehensive Insurance Plans
• Mental and Physical Health Support
• Work-from-home flexibility
• Fitness Center Reimbursements
• Streaming Good time off for volunteering
• Wellness workshops
• Buddy Program for new HealthStreamers
• Collaborative work environment
• Career growth opportunities
• Continuous learning opportunities
• Inspiring workspaces to collaborate and connect with other HealthStreamers
• Free employee parking at our Resource Centers in Nashville and San Diego

At HealthStream, our thriving culture encourages collaboration and values contributions, allowing our team members to continuously solve big problems and grow. We offer flexibility and paid time off to support work-life integration for all employees, including a hybrid work environment and Streaming Good volunteer day. For team members in commutable distance, HealthStream has Resource Centers in Nashville, TN and San Diego, CA. Our resource centers provide an inspiring workspace to collaborate and recharge as well as company-sponsored onsite social events for development, connection, and celebration.

We are committed to driving innovation in healthcare and ensuring that patients receive competent care from qualified professionals. As a HealthStream team member, you will help bring this vision to life. If you want to work for a company committed to its values and vision, HealthStream is the place for you!

HealthStream is an equal opportunity employer. HealthStream prohibits employment practices that discriminate against individual employees or groups of employees on the basis of age, color, disability, national origin, race, religion, sex, sexual orientation, pregnancy, veteran or military status, genetic information or any other category deemed protected by state and/or federal law.

Position Information

Position Overview

The Senior Application Security Architect is responsible for leading and overseeing the comprehensive application security program at an organizational level. This role requires expertise in designing, implementing, and continuously improving secure development practices within application frameworks. The Senior Application Security Architect will partner with multiple teams, including DevOps, Engineering, and Architecture, to ensure the integration of security principles into all stages of the software development lifecycle. This position will also focus on formalizing security strategies, ensuring scalability, and enhancing organizational resilience against security threats.

Key Responsibilities

You will be responsible for adhering to all HealthStream security policies, procedures, and assigned training.

• Lead the design, implementation, and continuous improvement of secure web development practices across the organization.
• Establish formal processes and frameworks to manage application security, including threat modeling, code reviews, and vulnerability assessments.
• Manage and enhance automated security tools, such as Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Interactive Application Security Testing (IAST).
• Produce detailed reports on application vulnerabilities and collaborate with development teams to propose mitigation strategies.
• Build, maintain, and enforce security policies, procedures, and standards within the application development lifecycle.
• Collaborate with cross-functional teams to incorporate security into CI/CD pipelines and secure DevOps processes.
• Evaluate new security tools and technologies, operationalize them into the existing infrastructure, and integrate with development and deployment workflows.
• Stay current on emerging security threats and vulnerabilities, advising on proactive solutions.
• Conduct architectural reviews focused on security principles and guide teams in secure coding practices.
• Develop and maintain a secure code library, providing reusable code snippets and cryptographic solutions.
• Lead the adoption and integration of security in cloud environments, including AWS and Azure platforms.
• Drive continuous improvement of the organization’s security maturity using frameworks such as OWASP SAMM.
• You will be responsible for adhering to all HealthStream security policies, procedures, and assigned training.

Qualifications

Requirements

• Bachelor’s degree in Information Security, Computer Science, or a related field.
• Minimum of 10 years of experience in application development, information security, and web application security.
• Extensive experience in application security testing and penetration testing across various platforms.
• Proficiency in implementing and managing security testing tools (SAST, DAST, IAST) and integrating them into DevSecOps pipelines.
• Programming expertise in languages such as JavaScript, React, Java, Python, Go, or C/C++.
• Hands-on experience with securing cloud-based solutions (AWS, Azure).
• Strong understanding of OWASP principles and secure software development practices.
• Experience in Agile and CI/CD pipeline development, with a focus on integrating security into the process.
• Experience security API’s
• Proficient in secure application design on a variety of platforms
• Experience managing DAST tooling
• Experience managing SAST tooling
• Proven ability to convert manual security processes into automated, scalable workflows.
• Subject matter expertise in secure software design, architecture, and threat modeling.
• Familiarity with industry-standard security frameworks such as OWASP SAMM.
• Experience in securing open-source code and contributing to the secure deployment of enterprise-level applications.
• Experience with secure methods of integrations with other platforms
• Familiar with the trends in artificial intelligence
• Experience using application security tools like Synk, Invicti and DefectDojo

Qualifications

• Strong leadership and project management skills, with experience in driving security initiatives across multiple teams.
• Excellent written and verbal communication skills, with the ability to explain complex security concepts to both technical and non-technical audiences
• Ability to conduct source code reviews and deliver security education to development teams.
• Committed to quality and its continuous improvement.
• Solves problems proactively.
• Committed to learning better and more efficient ways to accomplish tasks.
• Excellent Communication Skills

Compensation:

• The salary range for this position is $152,171 - $165,000. Salary will be determined on the candidate’s level of experience and qualifications. Compensation will be commensurate with skills, relevant experience, and performance in similar roles.

Benefits

HealthStream offers a comprehensive benefits package to eligible employees, including:

• Medical, Dental and Vision insurance
• Paid Time Off
• Parental Leave
• 401k and Roth
• Flexible Spending Account
• Health Savings Account
• Life Insurance
• Short- and Long-Term Disability
• Medical Bridge Insurance
• Critical Illness Insurance
• Accident Insurance
• Identity Protection
• Legal Protection
• Pet Insurance
• Employee Assistance Program
• Fitness Reimbursement

Are you passionate about enhancing healthcare outcomes and empowering healthcare professionals? Join the HealthStream team and become a HealthStreamer! Together, we can make a difference in the world of healthcare.

Req #43985