About The Position
Alan is building the new standard in prevention insurance, integrating insurance, prevention, and care into a single user experience. The Engineering team builds the infrastructure, interfaces, and applications to provide first-class service. As an engineer at Alan, you join a team of talented, committed, and passionate engineers with significant product interaction, moving fast with a lot of ownership. The Application Security crew, within the Tech Foundations area, is responsible for building, evolving, and operating foundational security building blocks and secure-by-default patterns. Their mission is to make Alan's products safe by design, highly available, and easy to ship, while partnering with product teams and Security Operations to reduce real risk without creating bottlenecks. The scope includes security core components in the product such as authentication and encryption, as well as security platforms like secure file exchange and secure enclaves for medical data. The team also contributes to engineering-wide security practices by building tools and patterns for secure CI/CD, vulnerability remediation, and AI/LLM safety. The focus for 2026 includes completing the modernization of authentication flows, unlocking strategic initiatives with new authentication/encryption flows, and evolving AI-augmented development. They have massive ambitions for their Security stack and posture with enhanced tools and processes.
Requirements
- 3+ years in full-stack software engineering roles
- Experience designing systems, APIs, libraries, or frameworks used by other engineers
- Shipped, owned, and operated production systems (rollouts, on-call, incidents)
- Shipped secure features, fixed vulnerabilities, designed auth/crypto flows, or championed secure-by-default patterns in past teams
- Ability to turn complex problems into elegant secure solutions
- Care about creating secure-by-design products while keeping delightful experiences
- Treat security engineering as product work
- Hands-on coding experience (Python, TypeScript, Terraform)
- Ability to ship and operate code to production yourself
- Comfortable writing framing documents and drawing sequence diagrams
- Ability to align multiple product crews on technical migrations
- Ability to make complex security tradeoffs legible to non-security engineers
- Focus on enabling product crews to ship secure features efficiently
- Fluent in English
Nice To Haves
- French language proficiency is not required but is a bonus.
Responsibilities
- Design, build, and operate the authentication stack on top of our self-hosted identity provider, aiming to go passwordless with great UX.
- Build, evolve, and operate our end-to-end encryption component used by our Alan Clinic.
- Evolve and operate our secure file exchange platform.
- Contribute to the foundations to isolate and protect highly sensitive medical data within a secure enclave.
- Contribute to engineering-wide security practices by building tools and patterns for secure CI/CD, vulnerability remediation tooling, and AI/LLM safety.
- Ship, own, and operate production systems, including rollouts, on-call, and incident response.
- Design and communicate security solutions, including writing framing documents and sequence diagrams.
- Build reusable patterns, guardrails, libraries, and secure-by-default abstractions.
Benefits
- Stimulating environment
- Perks ensuring they are happy, efficient and spend only high-quality time with co-workers
- Innovative working method
- Strong culture
- Remote work flexibility
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
No Education Listed
