Tbwa Chiat/Day Inc
Application Security Engineer
Tbwa Chiat/Day Inc, Princeton, New Jersey, us, 08543
RxSense is a high-growth healthtech company empowering clients and consumers with technology to access lower cost prescription drugs. Its transformative cloud-based enterprise platform enables clients to take control of their pharmacy benefits with fast, flexible and customizable solutions and real time data insights to improve operational and financial performance -- and ultimately deliver better care to patients nationwide. RxSense also owns and operates SingleCare, a free prescription savings service that offers consumers access to consistently low prices on prescription drugs. Through its partnerships with the country’s largest pharmacies and grocers, including CVS, Walgreens, Walmart, Kroger and Albertsons, SingleCare improves access and adherence to more affordable medications and has helped millions of Americans collectively save over $8 billion on their medications.RxSense is a great place to work! Our company has earned recognition as one of Fast Company’s Most Innovative Companies, Forbes’ Top Startup Employers, Modern Healthcare's Best Places to Work in Healthcare, and Inc’s Best in Business and Best Workplaces.Position Summary:
The Application Security Engineer position is a mid-tier role in the RxSense Information Security team that will focus on assessing and managing risks in the application security domain. In this role you will act as an application security SME on project teams and be responsible for performing various security touchpoints throughout the RxSense Software Development Lifecycle.Must be aware of and comply with all aspects of the RxSense Information Security Program and the policies contained therein. Must always understand the importance of maintaining Information Security in all Business Operations.Job Responsibilities:
Work with development and product teams to define security requirements and ensure they are followedPartner with development and product teams to drive remediation of security gapsCoordinate 3rd party penetration tests and work with internal teams to remediate findingsPerform architecture and design reviews on company applicationsMonitor and analyze application security logs and events to detect and respond to security threatsPerform monitoring and management of Web Application FirewallInterpret and manually validate Static Application Security Testing (SAST) resultsManage SAST, SCA and DAST tools to ensure comprehensive testing and remediation of findingsAnalyze and report on risks discovered through application security testingParticipate on project teams as InfoSec representativeAbility to quickly adapt to changing priorities as business needs changeExcellent interpersonal and communication skills a mustStrengths:
Knowledge and experience with techniques, tools and practices pertaining to securing the SDLC (Software Development Lifecycle).Experience with software development, programming, scripting.Experience with OWASP ZAP or Burp ProxyExperience with static application security testing toolsKnowledge and experience with implementing and managing web application firewallsHigh level understanding of securing Cloud Platforms, AWS and GCP, cloud architectureAlthough the position is in application security domain, a broad interest/experience across the whole security domain would be an advantageRequirements:
BS in Information Systems preferred but appropriate experience is acceptable3+ years of experience in application security is required.Must have the ability to identify, analyze and solve security risks pragmaticallyFamiliarity with web application architecture, APIs, and cloud environmentsExperience with security standards and frameworks, such as OWASP, NIST, or CISPractical understanding of common application security vulnerabilitiesExcellent problem-solving and analytical skills with demonstrated ability to investigate and solve complex problemsExcellent communication skills are needed with demonstrated ability to work with multiple organizational functions and levelsSalary Range: $120,000 - $135,000RxSense believes that a diverse workforce is a more talented and productive workforce. As such, we are an Equal Opportunity and Affirmative Action employer. Our recruitment process is free from discriminatory hiring practices and all qualified applicants are considered for employment without regard to race, color, religion, sex, gender, sexual orientation, gender identity, ancestry, age, or national origin. Neither will qualified applicants be discriminated against on the basis of disability or protected veteran status. We believe in the strength of the collaboration, creativity and sense of community a diverse workforce brings.Apply for this job#J-18808-Ljbffr
The Application Security Engineer position is a mid-tier role in the RxSense Information Security team that will focus on assessing and managing risks in the application security domain. In this role you will act as an application security SME on project teams and be responsible for performing various security touchpoints throughout the RxSense Software Development Lifecycle.Must be aware of and comply with all aspects of the RxSense Information Security Program and the policies contained therein. Must always understand the importance of maintaining Information Security in all Business Operations.Job Responsibilities:
Work with development and product teams to define security requirements and ensure they are followedPartner with development and product teams to drive remediation of security gapsCoordinate 3rd party penetration tests and work with internal teams to remediate findingsPerform architecture and design reviews on company applicationsMonitor and analyze application security logs and events to detect and respond to security threatsPerform monitoring and management of Web Application FirewallInterpret and manually validate Static Application Security Testing (SAST) resultsManage SAST, SCA and DAST tools to ensure comprehensive testing and remediation of findingsAnalyze and report on risks discovered through application security testingParticipate on project teams as InfoSec representativeAbility to quickly adapt to changing priorities as business needs changeExcellent interpersonal and communication skills a mustStrengths:
Knowledge and experience with techniques, tools and practices pertaining to securing the SDLC (Software Development Lifecycle).Experience with software development, programming, scripting.Experience with OWASP ZAP or Burp ProxyExperience with static application security testing toolsKnowledge and experience with implementing and managing web application firewallsHigh level understanding of securing Cloud Platforms, AWS and GCP, cloud architectureAlthough the position is in application security domain, a broad interest/experience across the whole security domain would be an advantageRequirements:
BS in Information Systems preferred but appropriate experience is acceptable3+ years of experience in application security is required.Must have the ability to identify, analyze and solve security risks pragmaticallyFamiliarity with web application architecture, APIs, and cloud environmentsExperience with security standards and frameworks, such as OWASP, NIST, or CISPractical understanding of common application security vulnerabilitiesExcellent problem-solving and analytical skills with demonstrated ability to investigate and solve complex problemsExcellent communication skills are needed with demonstrated ability to work with multiple organizational functions and levelsSalary Range: $120,000 - $135,000RxSense believes that a diverse workforce is a more talented and productive workforce. As such, we are an Equal Opportunity and Affirmative Action employer. Our recruitment process is free from discriminatory hiring practices and all qualified applicants are considered for employment without regard to race, color, religion, sex, gender, sexual orientation, gender identity, ancestry, age, or national origin. Neither will qualified applicants be discriminated against on the basis of disability or protected veteran status. We believe in the strength of the collaboration, creativity and sense of community a diverse workforce brings.Apply for this job#J-18808-Ljbffr