Zelis
Application Security Engineer
Zelis, Greendale, Wisconsin, United States, 53129
Zelis
Discover the connected platform that's bridging gaps and aligning interests of healthcare payers, providers, and healthcare consumers.Zelis is hiring an Application Security Engineer to work in collaboration with the corporate application development teams. The position will be accountable for application security of corporate applications. You’ll work with Application Development teams to identify application assets, data flows, threats, and required cyber security controls, as well as with Application Security Testers to measure the effectiveness of identified cyber security controls.Location and Workplace Flexibility:
We have offices in Atlanta GA, Boston MA, Morristown NJ, Plano TX, St. Louis MO, St. Petersburg FL, and Hyderabad, India. We foster a hybrid and remote friendly culture and all of our employee's work locations are based on the needs of the position and determined by the Leadership team.Responsibilities:Partner closely with corporate stakeholders to understand regulatory, industry, and organizational security requirements.Provide security requirements with acceptance criteria to application development teams using the Agile and Waterfall methodologies.Conduct threat modeling exercises to identify potential security vulnerabilities in corporate applications.Analyze application's components, data flows, and external dependencies to anticipate and mitigate threats.Review the architecture of software applications to ensure that security is integrated at every layer, including network, infrastructure, and application levels.Implement security controls and best practices to address identified risks and vulnerabilities, including encryption, authentication, access controls, input validation, and other security mechanisms.Perform security code reviews to identify and remediate security vulnerabilities in application code.Provide guidance and training to development teams on secure coding practices, security principles, and relevant security tools and technologies.Evaluate and implement security tools and automation solutions to enhance the security posture of applications and streamline security processes.Qualifications:Bachelor’s degree in Cyber Security (or) related degree and experience.4+ years of experience in Cyber Security.2+ years of experience in Agile and writing user stories.2+ years of experience in Application Security and Threat Modeling, as well as application development or application secure code review.Understanding of API and Web security vulnerabilities.2+ years of experience using Octave or Stride.Experience working within a DevSecOps environment.Preferred Qualifications:Experience in security coding, source code management, and/or build and deployment technologies.Experience with web application firewalls.Familiarity with OWASP Top 10 API, Web, and Mobile Application Security Risks.Familiarity with MITRE CWE Top 25 Most Dangerous Software Weaknesses.CDP, CISSP, E|CDE or other relevant certifications.Familiarity with regulatory controls and industry best practices such as HIPAA, PCI, CIS, HiTrust, ISO 27001, NIST, etc.Zelis is modernizing the healthcare financial experience by providing a connected platform that bridges the gaps and aligns interests across payers, providers, and healthcare consumers. This platform serves more than 750 payers, including the top 5 national health plans, BCBS insurers, regional health plans, TPAs and self-insured employers, and millions of healthcare providers and consumers.Commitment to Diversity, Equity, Inclusion, and Belonging:
At Zelis, we champion diversity, equity, inclusion, and belonging in all aspects of our operations.Equal Employment Opportunity:
Zelis is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.We encourage members of traditionally underrepresented communities to apply, even if you do not believe you 100% fit the qualifications of the position.Accessibility Support:
We are dedicated to ensuring our application process is accessible to all candidates. If you are a qualified individual with a disability or a disabled veteran and require a reasonable accommodation with any part of the application and/or interview process, please email TalentAcquisition@zelis.com.SCAM ALERT:
There is an active nationwide employment scam which is now using Zelis to garner personal information or financial scams. This site is secure, and any applications made here are with our legitimate partner.
#J-18808-Ljbffr
Discover the connected platform that's bridging gaps and aligning interests of healthcare payers, providers, and healthcare consumers.Zelis is hiring an Application Security Engineer to work in collaboration with the corporate application development teams. The position will be accountable for application security of corporate applications. You’ll work with Application Development teams to identify application assets, data flows, threats, and required cyber security controls, as well as with Application Security Testers to measure the effectiveness of identified cyber security controls.Location and Workplace Flexibility:
We have offices in Atlanta GA, Boston MA, Morristown NJ, Plano TX, St. Louis MO, St. Petersburg FL, and Hyderabad, India. We foster a hybrid and remote friendly culture and all of our employee's work locations are based on the needs of the position and determined by the Leadership team.Responsibilities:Partner closely with corporate stakeholders to understand regulatory, industry, and organizational security requirements.Provide security requirements with acceptance criteria to application development teams using the Agile and Waterfall methodologies.Conduct threat modeling exercises to identify potential security vulnerabilities in corporate applications.Analyze application's components, data flows, and external dependencies to anticipate and mitigate threats.Review the architecture of software applications to ensure that security is integrated at every layer, including network, infrastructure, and application levels.Implement security controls and best practices to address identified risks and vulnerabilities, including encryption, authentication, access controls, input validation, and other security mechanisms.Perform security code reviews to identify and remediate security vulnerabilities in application code.Provide guidance and training to development teams on secure coding practices, security principles, and relevant security tools and technologies.Evaluate and implement security tools and automation solutions to enhance the security posture of applications and streamline security processes.Qualifications:Bachelor’s degree in Cyber Security (or) related degree and experience.4+ years of experience in Cyber Security.2+ years of experience in Agile and writing user stories.2+ years of experience in Application Security and Threat Modeling, as well as application development or application secure code review.Understanding of API and Web security vulnerabilities.2+ years of experience using Octave or Stride.Experience working within a DevSecOps environment.Preferred Qualifications:Experience in security coding, source code management, and/or build and deployment technologies.Experience with web application firewalls.Familiarity with OWASP Top 10 API, Web, and Mobile Application Security Risks.Familiarity with MITRE CWE Top 25 Most Dangerous Software Weaknesses.CDP, CISSP, E|CDE or other relevant certifications.Familiarity with regulatory controls and industry best practices such as HIPAA, PCI, CIS, HiTrust, ISO 27001, NIST, etc.Zelis is modernizing the healthcare financial experience by providing a connected platform that bridges the gaps and aligns interests across payers, providers, and healthcare consumers. This platform serves more than 750 payers, including the top 5 national health plans, BCBS insurers, regional health plans, TPAs and self-insured employers, and millions of healthcare providers and consumers.Commitment to Diversity, Equity, Inclusion, and Belonging:
At Zelis, we champion diversity, equity, inclusion, and belonging in all aspects of our operations.Equal Employment Opportunity:
Zelis is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.We encourage members of traditionally underrepresented communities to apply, even if you do not believe you 100% fit the qualifications of the position.Accessibility Support:
We are dedicated to ensuring our application process is accessible to all candidates. If you are a qualified individual with a disability or a disabled veteran and require a reasonable accommodation with any part of the application and/or interview process, please email TalentAcquisition@zelis.com.SCAM ALERT:
There is an active nationwide employment scam which is now using Zelis to garner personal information or financial scams. This site is secure, and any applications made here are with our legitimate partner.
#J-18808-Ljbffr