AppSec Jobs
← Back to all jobs

Inovalon

Staff Security Engineer L6

Bowie, MDWebsite

Full details on LinkedIn

The complete job description, requirements, and application details are available on the original posting.

About Inovalon

Inovalon is an American technology company that specializes in cloud-based platforms for data-driven healthcare. Founded in 1998 in Maryland, the company was originally named MedAssurant and rebranded to Inovalon in 2012. It became publicly traded on NASDAQ in 2015 and was taken private in 2021 after being acquired by Nordic Capital and Insight Partners. The core offering of Inovalon is the Inovalon ONE platform, a real-time, cloud-native solution that connects with the healthcare ecosystem to aggregate and analyze data. This platform provides actionable intelligence through advanced analytics, serving over 50,000 active customers. Inovalon supports a wide range of healthcare stakeholders, including payers, providers, pharmacies, and life sciences organizations. The company has expanded its capabilities through strategic acquisitions, enhancing its services and product offerings. Recent developments include the acquisition of Vigilanz and the introduction of an AI-powered tool for health plans.

Industry

information technology & services

Employees

3,200

531 engineers

Revenue

$750M

Website

Visit →

Security at Inovalon

Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.

3 Intel Signals

Security Philosophy

  • Inovalon follows a 'defense-in-depth' philosophy where security is viewed as an 'expectation' rather than a feature.
  • Their strategy emphasizes a Zero Trust Architecture and the implementation of Multi-Factor Authentication (MFA) across their application portal.
  • The approach to development is centered on DevSecOps, aiming to automate security throughout the entire development lifecycle.

Security Team

  • Inovalon's security organization is led by Bill Huan, Chief Information Security Officer, who oversees the company's cybersecurity execution.
  • The team includes high-level technical roles such as Staff Security Engineers (L6).
  • As of, there is at least one active high-level AppSec-related job posting.
  • Common skill patterns required include DevSecOps automation, scripting for pipeline security, and integration of SIEM/SOAR platforms..

Key Initiatives

Active initiatives include the automation of security within the product delivery pipeline using scripting and the development of SOAR playbooks for automated response. The company is also focused on transitioning toward a Zero Trust Architecture. There is no public evidence of a formal Security Champions program or specific vulnerability remediation SLAs.

Preparing for an AppSec interview?

Get the weekly briefing 2,000+ security pros trust.