Security Operations Engineer
Alaffia Health
Operations
New York Metropolitan Area, USA
About Alaffia & Our Mission
Every year, U.S. health plans lose billions to improper payments and administrative waste. That wasted spending ultimately trickles down across the healthcare ecosystem, driving up costs for plans, providers, and patients alike. We’re here to change that paradigm.
Alaffia is a new kind of claims operations partner for health plans. Using expert clinicians and transparent AI, we deliver deeper insights, smarter automation, and consistently better outcomes across the entire lifecycle of claims. With Alaffia, health plans can cut wasted spending more effectively than ever — and provide their members the most affordable care.
We’re a high-growth, venture-backed Series B healthtech startup based in NYC and are actively scaling our company. Join us in helping to build a healthcare system that works better for everyone.
*This position requires current authorization to work in the United States. Unfortunately, we are not in a position to sponsor work visas at this time.
About the Role & What You’ll Be Doing
As a Security Operations Engineer, you will be the operational backbone of our information security program — safeguarding a complex, cloud-native tech stack across a SOC 2 Type II, HIPAA, and HITRUST-certified environment while we pursue ISO/IEC 42001:2023 AI management system certification. This is not a traditional watch-and-react security role. You will architect and drive automation-first security operations: building SOAR playbooks, enforcing infrastructure-as-code security policies, automating compliance workflows, and embedding security throughout our SDLC. You will work closely with engineering, data, and clinical product teams to make security a seamless part of how Alaffia builds and ships — at the speed AI demands.
Responsibilities
Security and IT Automation & Engineering
- Design and operate SOAR workflows to automate detection, triage, and response across our security tooling.
- Build and maintain IaC security policies and code security analysis pipelines integrated into CI/CD.
- Automate user provisioning, de-provisioning, and access reviews aligned with RBAC and least-privilege principles.
- Implement and automate secrets management and rotation using tools like 1Password Secrets Automation and HashiCorp Vault.
- Develop and enforce data loss prevention (DLP) controls and data labeling workflows.
Endpoint, Identity & Device Security
- Administer MDM platforms to enforce device compliance, configuration baselines, and security controls.
- Manage IAM, PLP, and RBAC across cloud and SaaS environments; conduct regular access reviews and certifications.
- Own the secure onboarding, role-change, and offboarding lifecycle end-to-end.
Incident Response & Threat Management
- Lead the full security incident response lifecycle — detection through remediation — leveraging CrowdStrike, Splunk, and ProofPoint.
- Conduct proactive threat hunting and maintain threat intelligence pipelines using the MITRE ATT&CK framework.
- Manage IDS/IPS monitoring and tune alerting to reduce noise and improve signal fidelity.
Compliance & Vulnerability Management
- Automate vulnerability scanning, tracking, and SLA reporting across infrastructure and applications.
- Support and co-own compliance audits for SOC 2 Type II, HIPAA, and HITRUST; contribute to Alaffia’s ISO/IEC 42001:2023 AI governance certification initiative.
- Conduct vendor security reviews for new SaaS and AI tool onboarding.
- Perform annual IT environment audits and manage audit evidence collection.
Support & Collaboration
- Triage and resolve non-hardware IT support tickets via automation.
- Collaborate with software engineers to integrate security into the SDLC — including dependency scanning, secrets detection, and container security.
- Produce security documentation, runbooks, and knowledge-sharing materials to upskill the broader team.
Skills & Qualifications
Security Operations & Administration
- 5+ years of hands-on security engineering or operations experience in a cloud-native environment.
- Proficiency in IAM, RBAC, and privileged access management across cloud and SaaS platforms.
- Experience with MDM platforms.
- Solid foundation in vulnerability management — scanning, prioritization, and remediation tracking.
- Working knowledge of secrets management tools and secure credential lifecycle practices.
Security Monitoring & Incident Response
- Hands-on experience with XDR/EDR and SIEM platforms.
- Familiarity with MITRE ATT&CK, threat hunting methodologies, and IDS/IPS operations.
- Proven ability to own end-to-end incident response, from triage through post-mortem.
Automation & Engineering Mindset
- Demonstrated experience building security automations (SOAR, scripting, API integrations).
- Comfortable working with IaC tools and integrating policy-as-code into CI/CD pipelines.
- Ability to write scripts or lightweight tooling in Python, Bash, or similar to eliminate manual toil.
Compliance & Frameworks
- Practical understanding of HIPAA, SOC 2, and HITRUST requirements and audit processes.
- Awareness of AI governance and risk management frameworks (ISO/IEC 42001:2023, NIST AI RMF) — willingness to grow expertise here is essential.
Communication & Collaboration
- Ability to communicate risk and security concepts clearly to both technical and non-technical audiences.
- Collaborative partner to engineering, product, and clinical teams — not a gatekeeper, but an enabler.
- Self-directed and comfortable prioritizing in a fast-moving startup environment.
Nice to Have
Education & Certifications
- Bachelor’s degree in Computer Science, Information Systems, or equivalent practical experience.
- 5+ years of IT/security industry experience; healthcare, cloud, or AI-adjacent environments strongly preferred.
- One or more relevant certifications valued: CompTIA Security+, CySA+, or CASP+; ISC2 CISSP; ISACA CISM, CISA, or CCSP; AWS Security Specialty or Microsoft AZ-500.
Software and Tools
- Direct experience with CrowdStrike Falcon, Splunk SIEM, or ProofPoint email security.
- Experience with Addigy (macOS MDM) and/or Microsoft Intune for cross-platform device management.
- Familiarity with 1Password for Teams/Secrets Automation or HashiCorp Vault.
- Background in or exposure to healthcare industry security requirements beyond HIPAA (e.g., HITRUST r2 audit participation).
- Experience contributing to or preparing for ISO/IEC 42001:2023 or NIST AI RMF implementations.
- Comfortable working in software development environments using TypeScript, Python, or Go; Docker/Kubernetes; GitHub; Datadog.
- Experience with developer security tooling: SAST, DAST, dependency scanning, or secrets detection in CI/CD.
- Prior involvement in building or maturing a security program at a startup or high-growth company.
Our Culture
Alaffia was born out of our founders’ personal connection to the inefficiency of the U.S. healthcare system. We are deeply mission-driven, with an abiding belief that technology can help create a better future for everyone — and we’re looking for others who share our passion for change to join the team.