Alan

Software Engineer (Security) - Tech Foundations

AlanYesterday
Location

Anywhere in France, Belgium, Spain

Type

Full Time

Salary

EUR 55,000 – 75,000

Level

Mid

Role

Security Engineer

Posted

Apr 14, 2026

Full TimeMid

The role

Summary

Join Alan's Tech Foundations team as a Security Software Engineer to design and build foundational security infrastructure protecting sensitive health data across a vertically integrated healthcare platform serving over a million members across Europe and Canada. You'll architect secure-by-design authentication and encryption systems, operate critical security platforms, and partner with product teams to embed security practices throughout the organization while maintaining exceptional developer experience and system reliability.

What you'll do

Design and Operate Authentication Stack: Design, build, and operate a passwordless authentication system on top of Alan's self-hosted identity provider. Lead the modernization of authentication flows to achieve high availability and seamless user experience while unlocking strategic initiatives that depend on this foundational infrastructure.
Build and Evolve Encryption Components: Develop and maintain end-to-end encryption components for Alan Clinic, ensuring they remain delightful and frictionless for members while maintaining robust protection of sensitive health data. Balance security rigor with exceptional user experience in healthcare contexts.
Manage Secure File Exchange Platform: Evolve and operate the secure file exchange platform that enables product and operations teams to handle sensitive healthcare documents safely. Provide technical support and improvements to unblock business operations without compromising security.
Contribute to Security Enclave Development: Contribute to building foundational infrastructure for a secure enclave designed to isolate and protect highly sensitive medical data. Work on architectures that maintain compliance requirements without sacrificing usability or delivery velocity.
Strengthen Security Engineering Practices: Enhance security engineering practices across the organization through vulnerability remediation, CI/CD pipeline hardening, SAST/DAST implementation, infrastructure security improvements, and emerging areas such as AI/LLM security. Build reusable patterns, guardrails, and libraries that prevent vulnerabilities at scale.
Collaborate with Product and Security Teams: Partner with product teams and Security Operations to reduce real security risk while maintaining rapid development velocity. Act as a security enabler, providing guidance on secure-by-default patterns and helping teams ship safely without creating bottlenecks.
Drive Secure-by-Design Mentality: Treat security engineering as product work, embedding security considerations into design decisions from inception. Create abstractions and security patterns that make secure development the default, effortless choice for all engineers across the organization.

What we look for

Technical

Authentication & Identity ManagementUnderstanding of authentication protocols, identity provider systems, passwordless authentication mechanisms, and modern identity architecture patterns.
Cryptography and EncryptionKnowledge of encryption algorithms, end-to-end encryption architectures, key management systems, and cryptographic best practices for protecting sensitive data.
Secure Software DevelopmentProficiency in secure coding practices, vulnerability assessment, threat modeling, and the ability to design systems resistant to common attack vectors.
Infrastructure and DevOps SecurityExperience with CI/CD pipeline security, Infrastructure-as-Code security hardening, container security, and modern deployment security practices.
Security Testing and ToolsFamiliarity with SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), security scanning tools, and vulnerability management processes.
API SecurityUnderstanding of API security principles, OAuth/OpenID Connect implementations, and secure service-to-service communication patterns.

Education

Computer Science or Related FieldBachelor's degree in Computer Science, Software Engineering, Cybersecurity, or equivalent professional experience demonstrating strong foundational knowledge.
Language ProficiencyFluent English communication skills required for collaboration with international teams. French language skills are valued as a bonus given Alan's Paris headquarters and European presence.

Experience

Full-Stack Software EngineeringMinimum 3+ years of professional experience in full-stack software engineering roles, with proven ability to work across frontend and backend systems.
Product and Platform DevelopmentDemonstrated experience designing and building products, platforms, frameworks, or libraries that solve complex engineering problems at scale.
Security Problem-SolvingTrack record of turning complex security challenges into elegant, maintainable solutions that balance protection with usability and developer experience.
Hands-On DevelopmentProven ability to write production-grade code, deploy to production environments, and take ownership of reliability, rollouts, and real-world operational concerns.

Skills

Required skills

Full-Stack Web DevelopmentAbility to build complete web applications with both backend and frontend components, understanding how security considerations impact architecture decisions across all layers.
Security Architecture DesignCapability to design secure systems from first principles, thinking through threat models, attack surfaces, and implementing defense-in-depth strategies appropriate for healthcare data.
Production Operations and ReliabilityExperience deploying, monitoring, and maintaining systems in production environments with focus on high availability, incident response, and operational excellence.
Collaborative Problem-SolvingAbility to work cross-functionally with product teams, operations, and other engineers to translate security requirements into practical, usable solutions without becoming a bottleneck.
Code Quality and MaintainabilityCommitment to writing clean, well-documented, maintainable code that enables other engineers to understand and confidently modify security-critical systems.
Security MindsetIntrinsic understanding that security is not a constraint but an enabler, and ability to help teams ship safely while maintaining development velocity and innovation.

Nice to have

Healthcare/Regulated Industry ExperienceBackground working in healthcare, finance, or other regulated industries where data protection, compliance (GDPR, HIPAA), and risk management are critical concerns.
Identity and Access Management ExpertiseDeep experience with identity providers, single sign-on systems, passwordless authentication, and enterprise IAM solutions at scale.
Cryptography ImplementationHands-on experience implementing end-to-end encryption systems, managing encryption keys, and understanding cryptographic libraries and best practices.
Cloud Infrastructure SecurityExperience with cloud platform security (AWS, Azure, GCP), infrastructure hardening, and securing containerized applications in production.
Developer Experience FocusTrack record of building developer tools, SDKs, or frameworks that make it easy for other engineers to do the right thing and adopt security best practices.
Incident Response ExperienceBackground responding to and investigating security incidents, understanding incident lifecycle, forensics, and how to implement preventive measures.
AI/LLM Security KnowledgeUnderstanding of emerging security concerns related to artificial intelligence and large language models, including prompt injection, data leakage, and secure AI architecture patterns.
French Language CapabilityAbility to communicate in French, enabling deeper collaboration with Paris-based teams and stakeholders across Alan's European operations.

Compensation & benefits

Salary

EUR 55,000 – 75,000 (annual)

Stock options

Available

Benefits

Comprehensive Health Coverage

Access to Alan's healthcare platform as an employee benefit, providing integrated health insurance, telemedicine, mental health support, and preventative care tools with seamless digital experience.

Flexible Remote Work

Remote work flexibility with valued in-person collaboration opportunities, allowing you to work effectively from any location legally eligible to work in France, Belgium, or Spain while maintaining team connection.

Professional Development and Growth

Direct, positive, and caring feedback combined with self-growth ownership. Access to continuous learning opportunities aligned with Alan's 'Always Growing' leadership principle supporting career advancement.

Equity and Competitive Compensation

Fair compensation package designed with salary equity considerations, recognizing the value engineers bring to Alan's mission of transforming healthcare.

Meaningful Work Environment

Opportunity to work on critical healthcare infrastructure that directly impacts millions of members across Europe and Canada, with high ownership, rapid decision-making, and direct product impact.

Innovation-Focused Culture

Work within a company culture guided by strong leadership principles including Mission is the Boss, Distributed Ownership, and Radical Transparency that encourage creative problem-solving and calculated risk-taking.

Diverse Team Collaboration

Join a talented engineering team with significant product interaction, working with passionate engineers who collaborate across Tech Foundations and product crews while tackling substantial problems.

Stimulating Work Perks

Benefits designed to ensure engineers are happy, efficient, and spend high-quality time with colleagues, creating an environment conducive to both productivity and wellbeing.

Interview process

  1. 1
    Application Screening β€” Initial review of your application materials focusing on your passion, curiosity, and demonstration of high potential. Alan explicitly values individuals who show excitement about the opportunity and willingness to grow beyond checking boxes on the requirements list.
  2. 2
    Technical Conversation β€” Detailed discussion about your security engineering experience, past projects, and approach to solving complex problems. Expect questions about your hands-on coding experience, production systems you've built, and how you think about secure-by-default design patterns.
  3. 3
    Security Deep-Dive β€” In-depth technical assessment exploring your understanding of authentication systems, encryption architecture, threat modeling, and how you balance security with developer experience. Likely includes discussion of real-world scenarios you've encountered.
  4. 4
    System Design Discussion β€” Collaborative discussion about designing secure systems for healthcare contexts. You may be asked to architect authentication flows, encryption systems, or security platforms while explaining tradeoffs between security, performance, and usability.
  5. 5
    Team and Culture Fit β€” Conversation with members of the Application Security crew and Tech Foundations team to assess alignment with Alan's leadership principles including Distributed Ownership, collaborative mindset, and commitment to enabling product teams safely.
  6. 6
    Founder or Leadership Chat β€” Potential discussion with leadership to assess your vision, understanding of Alan's mission to transform healthcare through technology, and how you see yourself contributing to long-term company goals.
Apply for this position

You'll be redirected to the company's application page

Alan

Alan

View all jobs

Alan is a European health company dedicated to making healthcare simpler, more accessible, and more human through technology. It provides a comprehensive digital health insurance platform coupled with a range of health services, including mental health support, telemedicine, and preventative care tools. The company's mission is to empower individuals and businesses to navigate their health journey with ease and confidence. Alan operates primarily in France and Belgium, serving a broad market with its innovative approach to health management. Its services are designed to demystify healthcare and offer a seamless user experience.

Paris, FranceFounded 2016alan.com

Tech Stack

Languages
TypeScript/JavaScriptPythonRustGo
Frameworks
React or Vue.jsNode.js/Express or similarNext.js
Databases
PostgreSQLRedis
Tools
Git/GitHubDocker/KubernetesCI/CD Platforms (GitHub Actions, GitLab CI)SAST/DAST ToolsIdentity Providers (Keycloak, Auth0, or custom solutions)
Other
SSL/TLS and Certificate ManagementOAuth 2.0 and OpenID ConnectAPI Security StandardsHealthcare Compliance (GDPR, HIPAA considerations)Threat Modeling Methodologies
Apply Now

On this page

Software Engineer (Security) - Tech Foundations at Alan | Scale Engineer