Job Description

Location: Steward Health Care
Posted Date: 5/4/2021
In this role, you will work closely with development teams across platform engineering to ensure our applications are secure. We are looking for a skilled application security engineer to analyze software designs and implementations from a security perspective and identify and resolve security issues. You will perform security analysis and implement controls to ensure we provide robust and reliable software.
KEY RESPONSIBILITIES:
  • Work with app teams to define zero trust templates as part of the engineering lifecycle
  • Implementing Web Application Firewalls for new applications
  • Optimize perimeter defense by tuning WAF policies based on attack vectors and new threats
  • Perform on-going application security testing and code review to improve software security
  • Provide engineering designs to mitigate security vulnerabilities
  • Consult with engineering teams on secure coding practices
  • Build strong relationships with application/development teams
  • Interpreting the results of penetration tests and security scans to provide risk-based recommendations for remediation
  • Recommending best practices for security in application design and development
  • Consulting with development teams on security readiness for deployment
  • Coordinating penetration tests for SaaS applications
  • Ensures teams are validating for OWASP and performing industry leading application security practices

REQUIRED KNOWLEDGE & SKILLS:

  • Secure software development, with a minimum of 2 years in distributed systems or data platform systems
  • Experience in web application security and SSDLC practices
  • Application security experience with high level programming languages (e.g., Java, C, C++, C#, VB, .NET, ASP.NET, ASP, PHP, J2EE, JSP, Python)
  • Hands-on experience with databases and query design is a plus
  • Excellent engineering-level understanding of web applications, web servers, layer 7 application technologies, frameworks, and protocols
  • Superb communication skills, with the ability to influence at all levels of the organization, are essential to success
  • F5, Citrix, Imperva, Mod Security or other Web Application Firewall Technologies.
  • Experience in enterprise application development and design, including REST APIs, database, messaging, and search technologies
  • Ability to manage multiple tasks simultaneously and meet established deadlines.

EDUCATION/EXPERIENCE/LICENSURE/TECHNICAL/OTHER:

  • Education: Bachelor’s Degree in Computer Science or related field preferred. Relevant experience and certifications acceptable.
  • Experience: 5+ years of relevant experience preferred
  • Certification/Licensure: OSCP Certified, E-CEH, CISSP or Like.
  • Software/Hardware: Linux, Windows, Burp Suite, nmap, Tenable vulnerability scanning, Wireshark, Rapid 7

Application Instructions

Please click on the link below to apply for this position. A new window will open and direct you to apply at our corporate careers page. We look forward to hearing from you!

Apply Online