
HHAeXchange

Principal Cloud Security Engineer

New York City Metropolitan Area

Full details on LinkedIn

The complete job description, requirements, and application details are available on the original posting.


About HHAeXchange

HHAeXchange is a cloud-based homecare management software platform designed for Medicaid and private duty agencies, managed care organizations, state Medicaid programs, and homecare providers. It streamlines operations with integrated tools for billing, payroll, HR, compliance, and workforce management, facilitating efficient client and caregiver management. The platform offers a comprehensive suite of applications tailored to the homecare ecosystem. Key features include agency management for payroll and scheduling, self-direction support for managing caregivers, and state-specific solutions for customized homecare management. HHAeXchange also provides value-based care tools that enable caregivers to collect real-time data, enhancing patient outcomes. With a focus on real-time data, mobile accessibility, and integration, HHAeXchange supports homecare for Medicaid home and community-based services, promoting collaboration among stakeholders. Pricing starts at $375 per month, with demos available for evaluation.

Industry

information technology & services

Employees

700

78 engineers

Revenue

$250M


Security at HHAeXchange

Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.

3 Intel Signals

Security Philosophy

HHAeXchange emphasizes a compliance-centric and automated approach to application security, prioritizing a secure software development lifecycle (SDLC) and adherence to healthcare-specific standards.

* **Stated AppSec Mission:** "HHAeXchange has numerous security and privacy certifications, a secure software development lifecycle, and advanced auditing capabilities" – hhaexchange.com
* **Risk Philosophy:** Focus on regulatory alignment – "Define and enforce security baselines aligned with NIST 800-53, HITRUST, and CIS Benchmarks" – LinkedIn Job ID 4390658756
* **Developer Enablement:** Focus on automation within the developer workflow – "Integrate automated security controls into CI/CD pipelines" – LinkedIn Job ID 4390658756

**Gaps & Contradictions:**

* No specific quotes found regarding 'paved road' vs. 'gatekeeping' terminology.

Security Team

HHAeXchange's security function is led by a Chief Information Security Officer who oversees information security, IT risk, and compliance. The company is currently expanding its technical security capabilities, specifically seeking a Principal Cloud Security Engineer to manage automated security controls and compliance baselines.

**Key Public-Facing Leaders:**

* Nicholas Fahrney, Chief Information Security Officer – https://www.linkedin.com/in/fahrney
* Key Quote: "creation and execution of HHAeXchange's Information Security, IT risk and Compliance programs." – LinkedIn profile

**Active AppSec Job Postings (as_of:):**

* Count: 1 (Principal Cloud Security Engineer)
* Common Skill/Tool Patterns: Emphasis on CI/CD integration, SAST/DAST automation, and compliance frameworks (NIST, HITRUST).

**Gaps & Contradictions:**

* Information not publicly available regarding the specific reporting line of the AppSec team beyond the CISO.

Key Initiatives

Current initiatives are heavily focused on cloud security automation and maintaining high-level healthcare compliance certifications.

* **Security Champions Program:** No Evidence Found.
* **"Shift Left" in Practice:** Automation of security testing within the build process – "Integrate automated security controls into CI/CD pipelines (SAST, DAST, IaC scanning...)" – LinkedIn Job ID 4390658756
* **Secure SDLC Artifacts:** Maintenance of rigorous audit standards – "HHAeXchange also maintains our SOC 1 and SOC 2 infosec security certification" – hhaexchange.com/platform
* **Recent Initiatives:** Ongoing HITRUST compliance – "HHAeXchange has achieved HITRUST CSF Certified status" – Press Release ⚠️

**Gaps & Contradictions:**

* Information not publicly available regarding specific vulnerability triage SLAs or MTTR metrics.
