Qualifications

• Bachelor's degree or equivalent experience
• 7+ years of relevant experience, including 2+ years in Application Security
• Deep understanding of Application Security paradigms and OWASP Top Ten
• Strong grasp of Agile methodologies and backlog management
• Proven ability to manage complex projects and communicate with management
• Experience with HIPAA, SOC2, PCI-DSS, and FedRAMP regulations
• Excellent communication, collaboration, analytical, and presentation skills
• Familiarity with AI/ML concepts and tools is a bonus
• Healthcare industry experience preferred
• CISSP-ISSAP certification is a plus

Responsibilities

• Evaluate new solution proposals and specify security requirements
• Perform STRIDE-based threat modeling for applications
• Conduct secure source code reviews to identify vulnerabilities
• Create and review security unit tests within the CI/CD pipeline
• Administer and manage the bug bounty program
• Coach security champions within development teams
• Provide general security consulting to bridge gaps in processes
• Utilize AI solutions to streamline security assessment workflows
• Drive maturation of the Application Security program based on industry best practices

Benefits

• Hybrid work model with a balanced approach to in-office and remote work
• Opportunity to collaborate with different teams and stakeholders
• Engagement in cutting-edge security practices and applications
• Work within the vibrant Healthcare industry
• Access to ongoing professional development and growth opportunities