Software Engineer Security - Tech Foundations H/F

Python/Flask, Typescript, React, React Native, on the coding side. AWS, GCP, Kubernetes, Keycloak, PostgreSQL, Redis, Terraform/Terramate, Datadog, Cloudflare, GitHub Actions on the platform side, all in a monorepo. We deploy daily and believe in distributed ownership - you build it, you own it.

The Application Security crew - within Tech Foundations area

Mission

• Tech Foundations - enables product crews and creates the environment to thrive-combining world-class infrastructure, intuitive developer experience, exquisite operational excellence, and built-in security to make shipping exceptional products effortless.
• Application Security - is one of its crews. Its mission: build, evolve and operate the foundational security building blocks and secure-by-default patterns that make Alan's products safe by design, highly available, and easy to ship, while partnering with product teams and Security Operations to reduce real risk without turning security into a bottleneck.

Scope

• Security core components in the product
• Authentication - design, build and operate the authentication stack on top of our self-hosted identity provider. Our goal is to go passwordless with great UX and unblock strategic initiatives relying on this stack.
• Encryption - build, evolve and operate our end-to-end encryption component used by our Alan Clinic while keeping it delightful and frictionless for our members.
• Security platforms
• Secure file exchange - evolve and operate our secure file exchange platform to unblock product/ops teams while bringing support when relevant.
• Secure enclave for medical secrecy - contribute to the foundations to isolate and protect highly sensitive medical data without sacrificing usability or delivery speed.
• Contribute to engineering-wide security practices by building tools and patterns that help every engineer ship safely (secure CI/CD, vulnerability remediation tooling, AI/LLM safety, etc.).

Focus for 2026:

In 2026, we will grow the team significantly to further increase our impact. We want to complete the modernization of our authentication flows and make it operable at high availability, unlock strategic initiatives by shipping new authentication/encryption flows. We are also evolving our AI-augmented development, by putting AI code assistants as a first-class citizen for everyone, including non-engineers. Ultimately we have massive ambitions around our Security stack and posture with enhanced tools and processes to protect our developers and users., Alaners are provided with a stimulating environment and perks ensuring they are happy, efficient and spend only high-quality time with co-workers.

• : People joining Alan are often surprised and delighted by our innovative working method. We have a set of cultural values that guide our approach to work

3+ years in full-stack software engineering roles

• Experience designing systems, APIs, libraries, or frameworks used by other engineers
• You've shipped, owned, and operated production systems (rollouts, on-call, incidents)
• You've shipped secure features, fixed vulnerabilities, designed auth/crypto flows, or championed secure-by-default patterns in past teams
• You love turning complex problems into elegant secure solutions
• You care about creating secure-by-design products while keeping delightful experiences

Mindset we value

• You treat security engineering as product work: engineers & members are your customers, and security should feel effortless.
• You're hands-on: writing code is the bulk of the job (Python, TypeScript, Terraform). You ship what you write to production yourself, then operate it: rollouts, alerting, on-call, incident response.
• You design and communicate: you're as comfortable writing a framing, drawing a sequence diagram, and aligning 3 product crews on an auth migration as you are writing the code. You make complex security tradeoffs legible to non-security engineers.
• You're an enabler: you measure your impact by how fast product crews ship secure features without ever consulting you. The harder you've worked, the less they have to engage you.
• You build reusable patterns: guardrails, libraries, and secure-by-default abstractions that prevent vulnerabilities at scale.
• You're fluent in English (French is not required)., postgraduate degree EducationalOccupationalCredential bachelor degree EducationalOccupationalCredential associate degree

Alan exists to end the wait. Health is a universal right, and we believe this right can only become real when it's coupled with prevention. We need to stop treating health as something we repair and start treating it as something we build, every day. It's not solely a question of willpower. It's the healthcare system itself that needs to work for everyone, in a sustainable way. So we are building the new standard in prevention insurance. Alan is the first company that integrates insurance, prevention, and care into a single, acclaimed user experience. We are on an incredible journey to build a global leading company, with a . We already partner with 40K+ companies of all sizes, serving more than 1M+ members, and have reached €800M+ in ARR. Prevention as the new norm. That's what we're building with our team of 800+ people. If it speaks to you: we're hiring across France, Spain, Belgium, and Canada. And beyond. The Engineering team In our engineering team, we build the infrastructure, interfaces, and applications to provide first-class service to our members, health professionals, and even ourselves! Being an engineer at Alan means joining a team of talented, committed and passionate engineers, with a lot of product interaction. We move fast, with a lot of ownership, and are proud to tackle big problems! We do security as we do everything else - that is, not quite the traditional way, but always in line with our leadership principles. Want to know more? Read on our Engineering career path.