Zelis Healthcare - Gainesville, FL
posted 2 months ago
Zelis is seeking an experienced Application Security Engineer to join our team, focusing on the security of corporate applications. This role is pivotal in collaborating with application development teams to ensure that security is integrated into every aspect of the application lifecycle. The Application Security Engineer will be responsible for identifying application assets, understanding data flows, assessing potential threats, and implementing necessary cybersecurity controls. You will work closely with Application Security Testers to evaluate the effectiveness of these controls, ensuring that our applications are resilient against security vulnerabilities. In this position, you will partner with corporate stakeholders to comprehend regulatory, industry, and organizational security requirements. You will provide security requirements along with acceptance criteria to application development teams, utilizing both Agile and Waterfall methodologies. Conducting threat modeling exercises will be a key responsibility, allowing you to identify potential security vulnerabilities in corporate applications. You will analyze application components, data flows, and external dependencies to anticipate and mitigate threats effectively. Your role will also involve reviewing the architecture of software applications to ensure that security is embedded at every layer, including network, infrastructure, and application levels. You will implement security controls and best practices to address identified risks and vulnerabilities, which may include encryption, authentication, access controls, input validation, and other security mechanisms. Performing security code reviews to identify and remediate vulnerabilities in application code will be essential, as will providing guidance and training to development teams on secure coding practices and relevant security tools and technologies. Additionally, you will evaluate and implement security tools and automation solutions to enhance the security posture of applications and streamline security processes.