Senior Security Engineer I

We're looking for someone with in-depth expertise in Tableau, data engineering, and IAM principles, standards, and best practices. You'll leverage this knowledge to:Design, implement, and maintain a robust security program specifically for Tableau, ensuring the integrity and confidentiality of our data visualizations.Collaborate cross-functionally with various teams to align IAM solutions with organizational security requirements, facilitating secure and seamless access across the enterprise.Drive impactful security outcomes that directly strengthen our digital landscape and support our critical security compliance initiatives.Your ability to partner effectively across teams will be crucial in this role as we continue to mature our security capabilities. If you're ready to make a significant impact on data security at a fast-paced, innovative company, we encourage you to apply!

• Working cross-functionally to design, build, and operate solutions that improve  and mature our security capabilities
• Leveraging data to understand trends, metrics, and opportunities to improve our security posture, researching options, and then making recommendations as options to secure those opportunities with stakeholders
• Leading and enhancing incident / issues response efforts, spearheading analysis, containment, and mitigation strategies in a cross-functional environment to ensure effective resolution and remediation of security incidents / issues
• Helping craft and refine security documentation pertinent to our Security Program, such as policies, standards, baselines, and standard operating procedures

• BS / BTech (or higher) in Computer Science, Information Technology, Cybersecurity or a related field, 6 years security domain experience without degree.
• 4+ years combined experience as a security engineer in an enterprise environment (preferably cloud) across multiple disciplines.
• 3+ years of relevant work experience in Enterprise Identity and Access management and/or Consumer Identity and Access management and security posture management.  
• 2+ years of experience acting as a trusted technical decision-maker in a team setting, solving for short-term and long term business value.

• Core Responsibilities & Strategy:
• Develop and enforce comprehensive Tableau access control strategies, policies, and procedures to ensure data confidentiality, integrity, and availability.
• Design and implement Role-Based Access Control (RBAC) models within Tableau Server/Cloud, aligning user permissions with organizational roles and data sensitivity.
• Establish and maintain Tableau site roles, groups, and individual user permissions, ensuring proper segregation of duties and least privilege access principles.
• Collaborate with data owners, business stakeholders, and IT teams to define granular data access requirements and translate them into effective Tableau security configurations.
• Conduct regular security audits and reviews of Tableau environments to identify potential vulnerabilities, unauthorized access, and ensure compliance with internal policies and external regulations (e.g., GDPR, HIPAA).

• Configure and manage user authentication methods (e.g., Active Directory, SAML, OpenID Connect, MFA) within Tableau, integrating with enterprise identity management systems.
• Implement and manage Row-Level Security (RLS) using various methods (e.g., user filters, data policies, database RLS) to restrict data visibility based on user attributes.
• Administer project-level permissions, locking permissions where appropriate to ensure consistent security across content within a project and minimize individual workbook permission overrides.
• Manage and monitor data source permissions, ensuring secure connections to underlying data sources and controlling capabilities like data download and web editing.
• Oversee content governance, including the certification of trusted data sources and the implementation of data quality warnings to promote secure and reliable data consumption.
• Configure and maintain secure communication within Tableau, including SSL/TLS encryption for data in transit and at rest.

• Monitor Tableau activity logs and administrative views to detect and investigate suspicious access patterns, permission changes, or security incidents.
• Develop and execute incident response procedures related to Tableau security breaches or unauthorized access attempts.
• Proactively identify and mitigate security risks within the Tableau environment, staying updated on the latest security threats and Tableau security features.
• Provide guidance and training to Tableau users and content creators on security best practices, access control mechanisms, and data governance policies.
• Optimize Tableau performance while maintaining robust security, ensuring efficient data access without compromising security posture.

• Coordinate with Data Governance to ensure all requirements are met

• Education & Experience:
• Bachelor's degree in Health Informatics, Information Technology, Computer Science, or related field
• 3-5 years of experience in healthcare data security, access management, or Tableau administration within clinical environments
• Demonstrated experience implementing security frameworks for healthcare analytics and population health management platforms

• Advanced proficiency in Tableau Server and Tableau Cloud administration with specific experience securing clinical and patient data visualizations
• Strong knowledge of Role-Based Access Control (RBAC) principles applied to healthcare settings and clinical workflows
• Experience with healthcare data governance frameworks and PHI (Protected Health Information) access control policies
• Proficiency in security auditing tools for healthcare business intelligence platforms and clinical analytics systems
• Understanding of clinical data classification, patient privacy requirements, and healthcare database security concepts

• Deep working knowledge of HIPAA Security and Privacy Rules, including technical, administrative, and physical safeguards
• Experience with healthcare compliance frameworks including HITECH Act, state privacy laws, and CMS requirements
• Proven experience conducting HIPAA risk assessments and security vulnerability analyses in healthcare technology environments
• Familiarity with healthcare audit processes, breach notification requirements, and documentation standards

• Strong analytical abilities with understanding of population health metrics, quality measures, and value-based care analytics
• Excellent communication skills with ability to collaborate with clinical stakeholders, practice administrators, and healthcare IT teams
• Experience working with primary care practices, ACOs, or health systems to define clinical data access requirements
• Project management skills with experience managing security initiatives that impact patient care delivery and clinical workflows

• Tableau certification (Server Certified Associate or higher)
• Healthcare security certifications (CHPS, HCISPP, or similar)
• Experience with value-based care analytics and population health management platforms
• Knowledge of clinical quality measures (HEDIS, CMS Stars, MIPS)

• Proven ability to collaborate effectively with cross-functional teams including IT, business users, and data owners
• Project management skills with experience managing multiple security initiatives simultaneously

• Tableau certification (Server Certified Associate or higher)
• Security certifications (CISSP, CISA, or similar)
• Experience with additional BI platforms (Power BI, Qlik, etc.)

• Sitting for prolonged periods of time. Extensive use of computers and keyboard. Occasional walking and lifting may be required.

Who We Are:

Aledade, a public benefit corporation, exists to empower the most transformational part of our health care landscape - independent primary care. We were founded in 2014, and since then, we've become the largest network of independent primary care in the country - helping practices, health centers and clinics deliver better care to their patients and thrive in value-based care. Additionally, by creating value-based contracts across a wide variety of health plans, we aim to flip the script on the traditional fee-for-service model. Our work strengthens continuity of care, aligns incentives and ensures primary care physicians are paid for what they do best - keeping patients healthy. If you want to help create a health care system that is good for patients, good for practices and good for society - and if you're eager to join a collaborative, inclusive and remote-first culture - you've come to the right place.

What Does This Mean for You?

At Aledade, you will be part of a creative culture that is driven by a passion for tackling complex issues with respect, open-mindedness and a desire to learn. You will collaborate with team members who bring a wide range of experiences, interests, backgrounds, beliefs and achievements to their work - and who are all united by a shared passion for public health and a commitment to the Aledade mission.

In addition to time off to support work-life balance and enjoyment, we offer the following comprehensive benefits package designed for the overall well-being of our team members:

Flexible work schedules and the ability to work remotely are available for many roles

Health, dental and vision insurance paid up to 80% for employees, dependents and domestic partners

Robust time-off plan (21 days of PTO in your first year)

Two paid volunteer days and 11 paid holidays

12 weeks paid parental leave for all new parents

Six weeks paid sabbatical after six years of service

Educational Assistant Program and Clinical Employee Reimbursement Program

401(k) with up to 4% match

Stock options

And much more!

At Aledade, we don’t just accept differences, we celebrate them! We strive to attract, develop and retain highly qualified individuals representing the diverse communities where we live and work. Aledade is committed to creating a diverse environment and is proud to be an equal opportunity employer. Employment policies and decisions at Aledade are based on merit, qualifications, performance and business needs. All qualified candidates will receive consideration for employment without regard to age, race, color, national origin, gender (including pregnancy, childbirth or medical conditions related to pregnancy or childbirth), gender identity or expression, religion, physical or mental disability, medical condition, legally protected genetic information, marital status, veteran status, or sexual orientation.

Privacy Policy: By applying for this job, you agree to Aledade's Applicant Privacy Policy available at  https://www.aledade.com/privacy-policy-applicants