Campus Pride Jobs

Senior Application Security Engineer

Location: This position will work a hybrid model (remote and office). The Ideal candidate will live within 50 miles of one of our Elevance Health PulsePoint locations.

Preferred Location: Cary, NC.

The Senior Application Security Engineer is responsible for delivery of end to end application, system development and maintenance on complex multi technology platforms within assigned client group, business unit or corporate department and utilizing various customer technology platforms. A proud member of the Elevance Health family of companies, CarelonRx (formerly IngenioRx) leverages the power of new technologies and a strong, clinical first lens, to deliver member centered, lasting pharmacy care

How you will make an impact:

• Maintains active relationships with customers to determine business requirements and leads requirements gathering meetings.

• Owns the change request process and may coordinate with other teams as necessary.

• Provides technical advice and weighs in on technical decisions that impact cross functional teams.

• Researches and may propose new technologies.

• Develops and owns list of final enhancements.

• Develops and defines application scope and objectives and prepares technical and/or functional specifications from with programs will be written.

• Performs technical design reviews and code reviews.

• May own technical testing to ensures unit test is completed and meets the test plan requirements, system testing is completed and system is implemented according to plan.

• Assesses current status and supports data information planning. Coordinates on-call support and ensures effective monitoring of system.

• Maintains technical development environment.

• Mentors others and may lead multiple or small to medium sized projects. Will begin to set direction at the project/service level and influences decision-making.

• Provides technical guidance, and mentoring.

• Understands the tradeoffs between technical, analytical and product needs of the technical solutions.

• Identifies and propose strategies around technical problems affecting team, communicates standards and gets buy-in on solutions.

• Facilitates group sessions to elicit complex information on requirements clarification, design sessions, code reviews and troubleshooting issues.

• Supports vendor evaluation.

• Plays a key role in the security of MBM’s platform.

• Review the vulnerabilities from check marx 1 and other security scans and fix these with vulnerabilities.

• Work with app developers to test and release.

• Collaborate with app sec team members and also broader delivery teams across MBM.

• Understand both business and security requests and requirements and integrate those needs into the application.

• Develop robust, reusable and security components for reuse.

• Share ideas and concepts with our development teams to improve and extend our security.

• Performs technical code reviews.

• Ensures unit test is completed and meets the test plan requirements, integration testing is completed.

Minimum Requirements:

• Requires an BA/BS degree in Information Technology, Computer Science or related field of study and a minimum of 5 years related experience; multi dimensional platform experience; expert level experience with business and technical applications, or any combination of education and experience, which would provide an equivalent background.

Preferred Skills, Capabilities, and Experiences:

• Multi database and/or multi language strongly preferred.

• Experience mentoring others, leading multiple small projects and providing troubleshooting support is preferred.

• Minimum 5 years of hands-on experience in .Net Technologies - ASP.NET MVC, C#, WCF .NET CORE, Java preferred.

• 3-5 years of development experience using ASP .NET Core framework and/or Java preferred.

• Experience in fixing custom framework libraries preferred.

• Working knowledge of web service and SOA principles, HTTPs, SOAP and REST preferred.

• Experience using tools like Checkmarx1, Prisma & remediating vulnerabilities from these scans preferred.

• Knowledge on fixing app security issues from SAST/SCA with .NET and Java Stack & framework preferred.

• Experience in java .net/.net core - need to understand npm, nuget, SDLC, services, webCI/CD - jenkins, maven, gradle, sonarqube, checkmarx, UCD preferred.

• Minimum 2 year experience with virtualization and containers - Kubernetes, Docker, etc preferred.

• Understanding or experience with messaging systems such as RabbitMQ preferred.

• Experience and knowledge of Health Care Industry preferred.

• Experience with numerous design patterns preferred.