CACI has flagged the Information Security Engineer, Principal job as unavailable. Let’s keep looking.

As an AppSec engineer, you will collaborate with software development teams to lead and support Application Security activities that guide the design, development and security of code and code repositories for cloud-hosted and open-source applications. In a given day, you will be assisting with the inspect of application code for security issues, building a new framework to help our software developers deploy faster and more securely through CI/CD Integration, or performing assessments on existing software development lifecycle practices to ensure security standards are met.

Responsibilities

  • Act as a subject matter expert on application security to improve and further integrate security best practices into product design and software development lifecycles (SDLC) of the organization.
  • Performs focused risks assessments of existing or new services and technologies, security architecture, identifies design gaps, risks, and recommends security enhancements.
  • Assist development teams with secure code reviews and other AppSec assessments to educate development teams on security weaknesses and vulnerabilities.
  • Assist with the implementation and management of automated security controls as part of CICD pipelines and DevSecOps philosophies.
  • Assist with the education of development teams on the remediation of vulnerabilities detected in SAST, SCA, and DAST security tools.
  • Establish and maintain secure coding standards and best practices to provide guidance and training to development teams on security best practices.
  • Perform other duties and special projects as assigned.

Minimum Education: 

  • Bachelor's degree in Computer Science, or related field (e.g., cybersecurity) or the equivalent combination of education, training or experience
  • CISSP, CISA, or CIA preferred
  • Specific years of experience may serve as substitutions in some areas

Qualifications:

  • Knowledge of secure architecture and design patterns for Web and Microservices
  • Knowledge of industry-standard security frameworks such as OWASP, NIST, BSIMM etc.
  • Knowledge of current and emerging threats and techniques for exploiting security vulnerabilities
  • Experience with security tools such as SAST, DAST, IAST, SCA and other security tools.
  • Experience with CICD pipeline, security tools integration and secure SDLC processes.
  • Experience with threat modeling and security testing tools for threat analysis of complex applications and services including threat modeling, software fuzzing, static and dynamic analysis.
  • Experience with cloud-based infrastructure (AWS, Azure, or Google Cloud) and Container (Azure AppService, Kubernetes) environments.
  • Experience with .Net framework and multiple programming languages such as Java, C#, Visual Basic, Python and JavaScript

If you will be working at home occasionally or permanently, the internet connection must be obtained through a cable broadband or fiber optic internet service provider with speeds of at least 10Mbps download/5Mbps upload.

For this position, we anticipate offering an annual salary of 97,700 - 162,900 USD / yearly, depending on relevant factors, including experience and geographic location.

This role is also anticipated to be eligible to participate in an annual bonus plan.

We want you to be healthy, balanced, and feel secure. That’s why you’ll enjoy a comprehensive range of benefits, with a focus on supporting your whole health. Starting on day one of your employment, you’ll be offered several health-related benefits including medical, vision, dental, and well-being and behavioral health programs. We also offer 401(k) with company match, company paid life insurance, tuition reimbursement, a minimum of 18 days of paid time off per year and paid holidays. For more details on our employee benefits programs, visit Life at Cigna Group.

About Evernorth Health Services

Evernorth Health Services, a division of The Cigna Group, creates pharmacy, care and benefit solutions to improve health and increase vitality. We relentlessly innovate to make the prediction, prevention and treatment of illness and disease more accessible to millions of people. Join us in driving growth and improving lives.

Qualified applicants will be considered without regard to race, color, age, disability, sex, childbirth (including pregnancy) or related medical conditions including but not limited to lactation, sexual orientation, gender identity or expression, veteran or military status, religion, national origin, ancestry, marital or familial status, genetic information, status with regard to public assistance, citizenship status or any other characteristic protected by applicable equal employment opportunity laws.

If you require reasonable accommodation in completing the online application process, please email: SeeYourself@cigna.com for support. Do not email SeeYourself@cigna.com for an update on your application or to provide your resume as you will not receive a response.

The Cigna Group has a tobacco-free policy and reserves the right not to hire tobacco/nicotine users in states where that is legally permissible. Candidates in such states who use tobacco/nicotine will not be considered for employment unless they enter a qualifying smoking cessation program prior to the start of their employment. These states include: Alabama, Alaska, Arizona, Arkansas, Delaware, Florida, Georgia, Hawaii, Idaho, Iowa, Kansas, Maryland, Massachusetts, Michigan, Nebraska, Ohio, Pennsylvania, Texas, Utah, Vermont, and Washington State.

Read Full Description
Confirmed 4 hours ago. Posted 30+ days ago.

Discover Similar Jobs

Suggested Articles