Lead Applications Security Engineer

You could be the one who changes everything for our 28 million members by using technology to improve health outcomes around the world. As a diversified, national organization, Centene's technology professionals have access to competitive benefits including a fresh perspective on workplace flexibility.

Position Purpose:

Leads cybersecurity and privacy principles to ensure the organization's applications and services are implemented according to internal security standards. Recognizes vulnerabilities in security systems (e.g., vulnerability and compliance scanning). Oversees and performs threat modeling, security code reviews, security assessments, security hardening reviews, evaluates security designs, etc. throughout the Secure Software Development Life Cycle (SSDLC) process. Engineers and develops cloud automation routines to streamline operations. Promotes understanding and adherence to the SSDLC Policy and Standards.

• Work directly with application development teams to ensure application weaknesses and identified vulnerabilities are mitigated or remediated based on SLA.
• Be responsible for application security testing (AST) technology strategy and roadmap development.
• Champion understanding and adherence to Centene’s secure SDLC policy and standard.
• Analyze existing plans, policies, and procedures for the response and recovery from incidents.
• Represent Applications Security Engineering at Service Design meetings and other Enterprise Architecture-level gatherings.
• Respond to security incidents, technical incident support bridges, and other medium to high severity issues. Provide escalation support.
• Serve as the primary liaison between other IT Security teams and development teams.
• Performs other duties as assigned.
• Complies with all policies and standards.

Education/Experience:

A Bachelor's degree in a quantitative or business field (e.g., statistics, mathematics, engineering, computer science).
Requires 5 – 7 years of related experience.

Or equivalent experience acquired through accomplishments of applicable knowledge, duties, scope and skill reflective of the level of this position.

Technical Skills:

• One or more of the following skills are desired:
• Advanced knowledge of programming and/or scripting languages including, but not limited to C#, Java, Go, JavaScript, Bash, and PowerShell.
• Advanced understanding of DevOps workflows.
• Advanced understanding of Confidentiality, Integrity, & Reliability (CIA) triad application to application security concepts.
• Standard Operating Procedure development.
• Advanced understanding of Agile operations.
• Advanced understanding of Site Reliability Engineering.
• Advanced experience administrating and using application security testing (AST) platforms such as Snyk, Veracode, Netsparker, AppScan, NowSecure, Contrast, etc.
• Advanced experience administrating and using API security platforms such as Traceable.ai, Salt, Noname Security, etc.
• Advanced experience administrating containerized applications running within Kubernetes.
• Advanced experience administrating applications and/or security tools running within AWS.

Soft Skills:

• Intermediate - Seeks to acquire knowledge in area of specialty
• Intermediate - Ability to identify basic problems and procedural irregularities, collect data, establish facts, and draw valid conclusions
• Intermediate - Ability to work independently
• Intermediate - Demonstrated analytical skills
• Intermediate - Demonstrated project management skills
• Intermediate - Demonstrates a high level of accuracy, even under pressure
• Intermediate - Demonstrates excellent judgment and decision making skills
• Intermediate - Ability to communicate and make recommendations to upper management
• Intermediate - Ability to drive multiple projects to successful completion
• Intermediate - Possesses technical aptitude

Centene offers a comprehensive benefits package including: competitive pay, health insurance, 401K and stock purchase plans, tuition reimbursement, paid time off plus holidays, and a flexible approach to work with remote, hybrid, field or office work schedules. Actual pay will be adjusted based on an individual's skills, experience, education, and other job-related factors permitted by law. Total compensation may also include additional forms of incentives.

Centene is an equal opportunity employer that is committed to diversity, and values the ways in which we are different. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or other characteristic protected by applicable law.