Centene - Florissant, MO

posted about 2 months ago

Full-time - Mid Level
Florissant, MO
Ambulatory Health Care Services

About the position

As a key player in Centene's mission to enhance health outcomes for our 28 million members, this position focuses on leading cybersecurity and privacy principles to ensure that the organization's applications and services are implemented in accordance with internal security standards. The role involves recognizing vulnerabilities in security systems through various methods such as vulnerability and compliance scanning. The individual will oversee and perform critical tasks including threat modeling, security code reviews, security assessments, and security hardening reviews throughout the Secure Software Development Life Cycle (SSDLC) process. In addition to these responsibilities, the position requires engineering and developing cloud automation routines to streamline operations, promoting understanding and adherence to the SSDLC Policy and Standards. The successful candidate will work directly with application development teams to ensure that application weaknesses and identified vulnerabilities are effectively mitigated or remediated based on Service Level Agreements (SLA). The role also encompasses the responsibility for application security testing (AST) technology strategy and roadmap development, ensuring that security measures are integrated into the development process from the outset. The individual will analyze existing plans, policies, and procedures for incident response and recovery, representing Applications Security Engineering at Service Design meetings and other Enterprise Architecture-level gatherings. Responding to security incidents and providing escalation support will also be key components of this role, serving as the primary liaison between other IT Security teams and development teams. The position requires compliance with all relevant policies and standards, and the ability to perform other duties as assigned.

Responsibilities

  • Lead cybersecurity and privacy principles to ensure applications and services meet internal security standards.
  • Recognize vulnerabilities in security systems through vulnerability and compliance scanning.
  • Oversee and perform threat modeling, security code reviews, security assessments, and security hardening reviews throughout the SSDLC process.
  • Engineer and develop cloud automation routines to streamline operations.
  • Promote understanding and adherence to the SSDLC Policy and Standards.
  • Work directly with application development teams to mitigate or remediate application weaknesses and identified vulnerabilities based on SLA.
  • Be responsible for application security testing (AST) technology strategy and roadmap development.
  • Analyze existing plans, policies, and procedures for incident response and recovery.
  • Represent Applications Security Engineering at Service Design meetings and other Enterprise Architecture-level gatherings.
  • Respond to security incidents and provide escalation support.
  • Serve as the primary liaison between IT Security teams and development teams.

Requirements

  • Bachelor's degree in a quantitative or business field (e.g., statistics, mathematics, engineering, computer science).
  • 5 - 7 years of related experience or equivalent experience reflecting the level of this position.
  • Advanced knowledge of programming and/or scripting languages including C#, Java, Go, JavaScript, Bash, and PowerShell.
  • Advanced understanding of DevOps workflows and Agile operations.
  • Advanced understanding of the Confidentiality, Integrity, and Availability (CIA) triad as it applies to application security concepts.
  • Experience with application security testing (AST) platforms such as Snyk, Veracode, Netsparker, AppScan, NowSecure, Contrast, etc.
  • Experience with API security platforms such as Traceable.ai, Salt, Noname Security, etc.
  • Experience with containerized applications running within Kubernetes and applications/tools running within AWS.

Nice-to-haves

  • Intermediate ability to identify basic problems and procedural irregularities.
  • Intermediate ability to work independently and demonstrate analytical skills.
  • Intermediate project management skills and ability to drive multiple projects to successful completion.
  • Demonstrated judgment and decision-making skills.

Benefits

  • Competitive pay
  • Health insurance
  • 401K and stock purchase plans
  • Tuition reimbursement
  • Paid time off plus holidays
  • Flexible work schedules including remote, hybrid, field, or office work options
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service