Zelis Healthcare - Morristown, NJ
posted 3 months ago
Zelis is seeking an Application Security Engineer to join our team, where you will play a crucial role in ensuring the security of our corporate applications. This position requires collaboration with various corporate application development teams to identify application assets, data flows, potential threats, and necessary cybersecurity controls. You will also work closely with Application Security Testers to assess the effectiveness of the identified cybersecurity measures. In this role, you will partner with corporate stakeholders to understand and implement regulatory, industry, and organizational security requirements. You will provide security requirements with acceptance criteria to application development teams, utilizing both Agile and Waterfall methodologies. Conducting threat modeling exercises will be a key responsibility, allowing you to identify potential security vulnerabilities within our corporate applications. You will analyze application components, data flows, and external dependencies to proactively mitigate threats. Your expertise will be essential in reviewing the architecture of software applications to ensure that security is integrated at every layer, including network, infrastructure, and application levels. You will implement security controls and best practices to address identified risks and vulnerabilities, which may include encryption, authentication, access controls, input validation, and other security mechanisms. Additionally, you will perform security code reviews to identify and remediate vulnerabilities in application code, focusing on common security flaws such as injection attacks, cross-site scripting (XSS), and insecure configurations. As a mentor, you will provide guidance and training to development teams on secure coding practices, security principles, and relevant security tools and technologies. You will also evaluate and implement security tools and automation solutions to enhance the security posture of applications and streamline security processes.