Full-Stack Developer / Security EngineerApply Now
Bellese Technologies is looking for someone with a passion for solving big problems in healthcare. We need engineers who love to develop performant, elegant, and useful solutions that are used by millions of Americans to provide information about care and coverage when they need it most to make decisions about their health. We develop digital services that empower patients and caregivers with cost and quality information, as they have come to expect.
Do you believe Americans deserve to know the cost of healthcare at the time treatment is recommended by their provider? Do you like to tackle complex problems and help define/build their solution? Do you like to translate the needs of humans into software designs and solutions? Do you enjoy the complex data analysis with large data sets? If you answer “yes” to many/all of these questions then you may be just the kind of person we are looking for.
Our team is charged with developing digital services at the Centers for Medicare and Medicaid Services (CMS) that provide healthcare price transparency to a vulnerable population that typically has multiple health issues. We do this through HCD and service design practices, product thinking, and skilled engineering. At Bellese, we’re relentlessly focused on enabling and empowering patients to make well informed healthcare choices while improving the quality and safety of their care.
Bellese Technologies is a healthcare focused civic technology firm. We foster a learning environment that thrives on curiosity, innovation, and passion about improving healthcare in America. Our remote-first team is spread across 20 states and leverages exceptional collaboration to amplify our strengths. Bellese is minority owned and operated. We provide an environment focused around helping you achieve your goals. Because when you succeed, we all succeed.
You’re good at
- Establishing security controls for cloud-based product solutions.
- Identifying attack surfaces and modeling potential security threats in cloud based infrastructure and applications.
- Establishing a security-first mindset, where active security analysis is built throughout the iterative cycles of research, design, development, and operations.
- Developing and maintaining security specifications and documentation.
- Ensuring security testing is built into DevSecOps pipelines from digital service inception.
- Implementing DevSecOps pipeline tools to support automated static source code and dynamic product analysis.
- Developing in programming languages to build scalable digital services (React, Typescript, Go, Java).
- Building APIs that provide data and information to 3rd-party consumers.
- Translating ideas into actionable solutions.
- Analyzing data, developing insights, and simplifying solutions to complex problems.
- Working in a product development lifecycle - from research to design inception to implementation. Designing enterprise-scale, cloud-based architectures that maximize performance while minimizing costs.
We need your help to
- Develop secured digital services that provide healthcare cost transparency to millions of Americans.
- Sit in the customer’s and user’s shoes. You seek to understand and empathize with the users and their goals – their problems are your problems.
- Reduce ambiguity in problems through quantitative and qualitative research.
- You work with your team to go to the source and make sure you truly understand the issues that the providers and customers want to be solved.
- Ruthlessly prioritize the right features and solutions.
- Measure results. You define success through clear metrics so the customer can see what works and what doesn’t.
- Succinctly communicate or demonstrate issues to your team, and lead the thought process of your team to drive toward feasible, viable, and highly-usable solutions.
- Work with customer support and user research to identify current user experience issues, and drive measurable improvements.
- Work as a part of an agile software development team. You’re a creative thinker and skilled communicator who thrives in cross-functional teams.
- Translate ideas into actionable, testable solutions, and working with engineering teams to define and implement those solutions.
- Engage and communicate with both technical and non-technical folks.
Extra credit for expertise in
- Designing security controls to protect PII and PHI. Adhering to NIST and CMS security documentation, including but not limited to NIST 800-53, NIST 800-63, CMS Acceptable Risk Safeguards (ARS), CMS Risk Management Handbook (RMH) and CMS Federal Information Security Management Act (FISMA) Controls Tracking System (CFACTS).
- Developing Security Impact Analysis, System Security Plans, Information Security Risk Assessment, Privacy Impact Assessments, Contingency Plans, Incident Response Plans, and other security and privacy plans, processes, and procedures.
- Documenting and maintaining Plan of Action and Milestones (POA&Ms) for weaknesses identified in security tests and/or audits.
- Ensuring all necessary requirements are met for ongoing assessment of CMS systems to continue with an existing Authority to Operate (ATO) or attaining a new ATO as required.
- Assisting CMS ISSO with all necessary functions to ensure compliance for all current systems.
- Three weeks paid leave
- Flexible Schedule and Remote-First culture
- $3000 annual education stipend
- Macbook Pro, home monitor, $150 annual electronics stipend
- Collaborative, learning environment
- Health insurance
- 401K Plan with Safe Harbor contribution
- Full-time remote work (from anywhere in the United States), even post-pandemic
- Great people and minority ownership that is committed to “Improving the healthcare journey through civic innovation.”
- A commitment to civic technology and working on things that make an impact
Apply For This Job
If you are still reading, we should talk. Take a few minutes to “Apply for This Job” to get the conversation started. Your future self will thank you. We look forward to talking to you.
Executive Order requiring COVID safety protocols
Bellese employees are Federal Workers and are subject to Executive Order 14042, Ensuring Adequate COVID Safety Protocols for Federal Contractors, dated September 9, 2021 (published in the Federal Register on September 14, 2021, 86 FR 50985). As condition of employment, employees will need to provide either: a: proof of completed COVID vaccinations OR b: have an approved medical or religious exemption and proof of weekly COVID testing.
U.S. citizen or legal right to work in the United States without sponsorship
Bellese Technologies, LLC is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability. In addition to federal law requirements, Bellese Technologies, LLC complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.
EEO is the law:
EEO is the Law Poster Supplement