Centene - Florissant, MO

posted about 2 months ago

Full-time - Mid Level
Florissant, MO
Ambulatory Health Care Services

About the position

You could be the one who changes everything for our 28 million members by using technology to improve health outcomes around the world. As a diversified, national organization, Centene's technology professionals have access to competitive benefits including a fresh perspective on workplace flexibility. The position involves applying cybersecurity and privacy principles to ensure the organization's applications and services are implemented according to internal security standards. This role recognizes vulnerabilities in security systems through vulnerability and compliance scanning, overseeing and performing threat modeling, security code reviews, security assessments, and security hardening reviews throughout the Secure Software Development Life Cycle (SSDLC) process. In this role, you will engineer and develop cloud automation routines to streamline operations while promoting understanding and adherence to the SSDLC Policy and Standards. You will work directly with application development teams to ensure that application weaknesses and identified vulnerabilities are mitigated or remediated based on Service Level Agreements (SLA). Additionally, you will review and improve existing plans, policies, and procedures for the response and recovery from incidents, championing understanding and adherence to the secure SDLC policy and standard. You will oversee the development of training on procedures around application security testing (AST) platform operations and outage response, respond to security incidents, provide technical incident support, and manage other medium to high severity issues. This position also involves providing escalation support and facilitating knowledge transfer and education for Tier 1 and Tier 2 Applications Security Engineers. You will serve as a liaison between other IT Security teams and development teams, performing other duties as assigned and complying with all policies and standards.

Responsibilities

  • Apply cybersecurity and privacy principles to ensure applications and services meet internal security standards.
  • Recognize vulnerabilities in security systems through vulnerability and compliance scanning.
  • Oversee and perform threat modeling, security code reviews, security assessments, and security hardening reviews throughout the SSDLC process.
  • Engineer and develop cloud automation routines to streamline operations.
  • Promote understanding and adherence to the SSDLC Policy and Standards.
  • Work directly with application development teams to mitigate or remediate application weaknesses and identified vulnerabilities based on SLA.
  • Review and improve existing plans, policies, and procedures for incident response and recovery.
  • Champion understanding and adherence to the secure SDLC policy and standard.
  • Oversee development of training on procedures around application security testing (AST) platform operations and outage response.
  • Respond to security incidents and provide technical incident support for medium to high severity issues.
  • Provide escalation support and facilitate knowledge transfer for Tier 1 and Tier 2 Applications Security Engineers.
  • Serve as a liaison between IT Security teams and development teams.

Requirements

  • Bachelor's degree in a quantitative or business field (e.g., statistics, mathematics, engineering, computer science).
  • 4 - 6 years of related experience or equivalent experience acquired through applicable knowledge, duties, scope, and skill reflective of the level of this position.
  • Intermediate knowledge of programming and/or scripting languages including C#, Java, Go, JavaScript, Bash, and PowerShell.
  • Understanding of DevOps workflows.
  • Intermediate understanding of Confidentiality, Integrity, and Availability (CIA) triad application to application security concepts.
  • Experience in Standard Operating Procedure development.
  • Intermediate understanding of Agile operations.
  • Intermediate understanding of Site Reliability Engineering.
  • Intermediate experience administrating and using application security testing (AST) platforms such as Snyk, Veracode, Netsparker, AppScan, NowSecure, Contrast, etc.
  • Intermediate experience administrating and using API security platforms such as Traceable.ai, Salt, Noname Security, etc.
  • Intermediate experience with administrating containerized applications running within Kubernetes.
  • Intermediate experience with administrating applications and/or security tools running within AWS.

Nice-to-haves

  • Intermediate ability to identify basic problems and procedural irregularities, collect data, establish facts, and draw valid conclusions.
  • Ability to work independently.
  • Demonstrated analytical skills.
  • Demonstrated project management skills.
  • Demonstrates a high level of accuracy, even under pressure.
  • Demonstrates excellent judgment and decision-making skills.

Benefits

  • Competitive pay
  • Health insurance
  • 401K and stock purchase plans
  • Tuition reimbursement
  • Paid time off plus holidays
  • Flexible work schedules including remote, hybrid, field, or office work options