Lead Application Security Engineer (virtual remote)
Job Description
The Lead Application Security Engineer ensures that every step of the software development lifecycle follows security best practices. They are responsible for adhering to and promoting secure coding principles and testing applications against security risks and parameters prior to release.
In this role, you will conduct code vulnerability assessments using automated tools. The role will be responsible for configuring and updating tools and rulesets for SAST, DAST, Open Source (SCA), and IaC platforms.
In this role, you will be a key player in helping the DevSecOps team enable new capabilities as we transition from Checkmarx hosted on premises to the CheckmarxONE SaaS solution.
Responsibilities
Tasks for this role include:
- Help development teams transition projects and settings from Checkmarx to CheckmarxONE
- Work with development teams to educate them on new capabilities offered by CheckmarxONE (New SAST capabilities, DAST, SCA and IaC)
- Work closely with development teams to provide vulnerability remediation guidance
- Analyze source code and provide false positive analysis
- Help manage access to CheckmarxONE platform (User access and roles)
- Understand and help manage vulnerabilities related to Open Source components
Required Qualifications
- Bachelor's Degree in Computer Science or related field
- At least 5 years' experience with exposure to SAST, DAST, and Open Source tools
- Knowledge of OWASP top 10 vulnerability categories and risk remediation
- Comfortable providing remediation advice to developer teams
- Comfortable analyzing code in a variety of programming languages, primarily .NET Core, MVC, C#, NodeJS, Java, etc.
- Experience with Azure DevOps, Git, CI/CD, TDD, and Automated Build Processes
- Experience with Cloud Technologies (Azure, GCP, AWS, etc.)
- Experience with DevSecOps, Software Development Life Cycle (SDLC), Agile (Scrum/Kanban)
- Excellent communication skills, with the ability to influence others and navigate complex organizational structures and processes
- Exceptional analytical and problem-solving skills
Preferred Qualifications
- Experience with SAST, DAST and Open Source software, tools and vulnerability management
- Development experience in one or more of the following languages: .NET Core, MVC, C#, NodeJS, Java
Humana and its subsidiaries require vaccinated associates who work outside of their home to submit proof of vaccination, including COVID-19 boosters. Associates who remain unvaccinated must either undergo weekly negative COVID testing OR wear a mask at all times while in a Humana facility or while working in the field.
Remote/WAH requirements:
- WAH requirements: Must have the ability to provide a high speed DSL or cable modem for a home office. Associates or contractors who live and work from home in the state of California will be provided payment for their internet expense.
- A minimum standard speed for optimal performance of 25x10 (25 Mbps download x 10 Mbps upload) is required.
- Satellite and Wireless Internet service is NOT allowed for this role.
- A dedicated space lacking ongoing interruptions to protect member PHI / HIPAA information
Scheduled Weekly Hours
40
Date Posted
02/02/2023