Alan

Software Engineer (Security) - Tech Foundations

Alan6 days ago
Location

Anywhere in France, Belgium, Spain

Type

Full Time

Salary

EUR 65,000 – 95,000

Level

Senior

Role

Security Engineer

Posted

May 19, 2026

Full TimeSenior

The role

Summary

Join Alan's Application Security team as a Security Engineer to design and build foundational security infrastructure for a leading European health tech platform. This role requires full-stack expertise combined with security specialization, focusing on building secure-by-default patterns, authentication systems, encryption components, and secure file exchange platforms. You'll work hands-on across Python, TypeScript, and infrastructure tools while partnering with product teams to reduce risk without creating bottlenecks.

What you'll do

Design and Operate Authentication Infrastructure: Lead the design, development, and operational management of Alan's authentication stack built on a self-hosted identity provider. Drive the transition to passwordless authentication with exceptional user experience while enabling strategic product initiatives that depend on this foundational layer.
Build and Maintain End-to-End Encryption Systems: Develop, evolve, and operate end-to-end encryption components for Alan Clinic, ensuring medical data protection while maintaining frictionless user experiences. Balance security requirements with usability constraints to enable seamless member interactions.
Evolve Secure File Exchange Platform: Own the evolution and operational excellence of the secure file exchange platform used by product and operations teams. Provide technical support and security guidance to unblock team velocity while maintaining security standards across sensitive data transfers.
Contribute to Medical Data Protection Infrastructure: Participate in building secure enclaves and foundational systems to isolate and protect highly sensitive medical data. Collaborate with infrastructure teams to establish security boundaries without compromising operational efficiency or delivery speed.
Establish Engineering-Wide Security Practices: Create and promote reusable security patterns, guardrails, and secure-by-default abstractions across the engineering organization. Build tools and processes including secure CI/CD pipelines, vulnerability remediation automation, and AI/LLM safety frameworks to enable all engineers to ship securely.
Perform Production Operations and Incident Response: Take ownership of production systems through full lifecycle management including rollouts, alerting configuration, on-call responsibilities, and incident response. Own the security posture of deployed systems and lead post-incident reviews to drive continuous improvement.
Collaborate with Product and Security Teams: Work cross-functionally with product crews and Security Operations to reduce real security risk while maintaining developer velocity. Translate complex security concepts for non-security engineers and align multiple teams on technical initiatives like authentication migrations.

What we look for

Technical

Backend DevelopmentStrong proficiency in Python and/or backend development patterns, with ability to build scalable services and APIs
Frontend TechnologiesWorking knowledge of TypeScript, React, and modern frontend development to understand client-side security considerations and UX implications
Infrastructure and DevOpsSolid experience with cloud platforms (AWS, GCP), containerization (Kubernetes), infrastructure-as-code (Terraform), and CI/CD pipelines (GitHub Actions)
Security FundamentalsStrong understanding of authentication protocols, encryption algorithms, secure communication patterns, and common vulnerability classes (OWASP Top 10, etc.)
Database TechnologiesExperience with relational databases (PostgreSQL) and caching systems (Redis) in security-sensitive contexts
Monitoring and ObservabilityProficiency with monitoring tools and practices (Datadog) to ensure security systems maintain high availability and provide actionable insights

Education

Computer Science or Related FieldBachelor's degree in Computer Science, Software Engineering, Cybersecurity, or equivalent industry experience demonstrating strong foundational knowledge

Experience

Full-Stack Software EngineeringMinimum 3 years in full-stack software engineering roles with demonstrated expertise across multiple layers of application development and infrastructure
Systems and API DesignProven experience designing systems, APIs, libraries, or frameworks that are used by other engineers or teams, with focus on usability and adoption
Production OperationsHands-on experience shipping, owning, and operating production systems including managing deployments, configuring monitoring and alerting, handling on-call responsibilities, and managing incidents
Security Feature DevelopmentTrack record of shipping security features, remediating vulnerabilities, designing authentication or cryptographic flows, or championing secure-by-default patterns within engineering teams
Problem-Solving MindsetDemonstrated ability to transform complex security and infrastructure problems into elegant, maintainable solutions that balance security requirements with usability

Skills

Required skills

Python Backend DevelopmentProfessional experience writing production Python code, ideally with frameworks like Flask, with ability to design secure APIs and services
TypeScript/JavaScriptSolid capability with TypeScript for building secure frontend or backend services, understanding type safety in security contexts
Kubernetes and Cloud InfrastructureHands-on experience deploying and managing containerized applications in cloud environments (AWS or GCP), understanding security implications of infrastructure choices
Authentication and Authorization DesignPractical knowledge of designing and implementing auth systems including OAuth2, OpenID Connect, passwordless flows, and managing identity providers
Encryption and CryptographyApplied understanding of encryption concepts, secure key management, end-to-end encryption patterns, and cryptographic libraries
Security Engineering MindsetAbility to think threat-model-first when designing systems, design secure-by-default abstractions, and communicate security tradeoffs to non-security engineers
System Design and CommunicationCapability to design complex systems, document architecture decisions, create sequence diagrams, and facilitate technical alignment across multiple engineering teams

Nice to have

Terraform/Infrastructure-as-CodeExperience with Terraform or similar tools for managing infrastructure programmatically, preferably including security-focused configurations
Keycloak or Identity Provider OperationsPrevious experience working with Keycloak or similar self-hosted identity platforms, including customization and operational management
Healthcare or Regulated Industry ExperienceBackground working in healthcare, fintech, or other regulated industries with exposure to compliance requirements, data protection obligations, and security audits
End-to-End Encryption ImplementationHands-on experience implementing or operating E2E encryption systems, particularly in applications serving large user bases
CI/CD SecurityExperience securing software supply chains, implementing secure build pipelines, secrets management in CI/CD systems, or supply chain security tooling
API Security and ProtectionExperience implementing API security patterns, rate limiting, DDoS protection, or working with tools like Cloudflare for security infrastructure
Incident Response and Post-MortemsExperience leading or participating in security incident response and conducting blameless post-mortems to improve systems and processes
React and React NativeFamiliarity with React and React Native for understanding mobile and web security considerations in Alan's product ecosystem
Developer Experience OptimizationTrack record of building tools or abstractions that improve developer experience while maintaining security, reducing friction in security-focused workflows

Compensation & benefits

Salary

EUR 65,000 – 95,000 (annual)

Benefits

Flexible Remote Work

Work remotely with flexibility while maintaining in-person collaboration opportunities, enabling work-life balance for team members across multiple European locations

Comprehensive Health and Wellness Benefits

Access to Alan's own health insurance platform with integrated preventative care, telemedicine, and mental health support services

Professional Development

Investment in continuous learning and skill development with access to training resources, conferences, and mentorship from experienced security and engineering leaders

Collaborative Engineering Culture

Work with talented, passionate engineers who have significant product interaction and ownership, creating a stimulating and innovative environment

High-Impact Work

Contribute to building healthcare infrastructure that directly impacts millions of members across Europe, working on problems with real-world health and safety implications

Rapid Growth Opportunities

Significant team expansion planned for 2026 with opportunities to lead initiatives, mentor junior engineers, and shape the security engineering discipline at Alan

Interview process

  1. 1
    Application Review Your application is evaluated based on technical background, security experience, and demonstrated curiosity and potential. Alan explicitly values high potential over perfect requirement matching.
  2. 2
    Initial Conversation A preliminary discussion to understand your security background, experience with infrastructure or backend systems, and interest in the role and Alan's mission.
  3. 3
    Technical Security Discussion In-depth technical conversation covering your experience with authentication systems, cryptography, secure architecture design, and past security engineering projects
  4. 4
    System Design and Problem-Solving Discussion focused on how you approach complex security and infrastructure problems, including designing secure systems, communicating tradeoffs, and working with cross-functional teams
  5. 5
    Engineering Culture Fit Conversation with team members about your engineering philosophy, product thinking, hands-on approach to development, and ability to enable other engineers through security infrastructure
  6. 6
    Offer and Negotiation Successful candidates receive offers with transparent compensation aligned to the C1 level range, with flexibility to discuss benefits and remote work arrangements
Apply for this position

You'll be redirected to the company's application page

Alan

Alan

View all jobs

Alan is a European health company dedicated to making healthcare simpler, more accessible, and more human through technology. It provides a comprehensive digital health insurance platform coupled with a range of health services, including mental health support, telemedicine, and preventative care tools. The company's mission is to empower individuals and businesses to navigate their health journey with ease and confidence. Alan operates primarily in France and Belgium, serving a broad market with its innovative approach to health management. Its services are designed to demystify healthcare and offer a seamless user experience.

Paris, FranceFounded 2016alan.com

Tech Stack

Languages
PythonTypeScriptSQL
Frameworks
FlaskReactReact Native
Databases
PostgreSQLRedis
Tools
AWSGCPKubernetesTerraform/TerramateGitHub ActionsDatadogCloudflareKeycloak
Other
Monorepo ArchitectureDaily Deployment CadenceDistributed Ownership ModelSecurity-First Culture
Apply Now

On this page