CVS Health

Principal Application Security Engineer - Threat Research

CVS Health$144K — $288K *
New York, NY 10025Hybrid
Healthcare
8 - 10 years of experience
Today
Be an Early Applicant
Job Overview by Ladders

Qualifications

  • 10+ years experience in security technology development and deployment.
  • 7+ years experience with programming languages like Java, Python, JavaScript, etc.
  • 5+ years in Public Cloud security (AWS/Azure/GCP) and network security.
  • 5+ years with Docker, Kubernetes, and security automation.
  • 5+ years implementing data protection measures and ensuring compliance with regulations.
  • 5+ years managing Web Application Firewall (WAF) solutions.
  • 3+ years leading comprehensive security initiatives and managing projects.

Responsibilities

  • Develop and enforce engineering and data security policies.
  • Drive security awareness across the organization.
  • Collaborate on secure engineering practices with various teams.
  • Lead security testing, vulnerability analysis, and documentation.
  • Analyze and configure security solutions across diverse environments.
  • Participate in operational on-call duties for 24/7 support.
  • Establish mentorship programs to enhance engineering skills and knowledge.

Benefits

  • Comprehensive medical, dental, and vision coverage.
  • Paid time off to support work-life balance.
  • Retirement savings options for long-term financial health.
  • Access to wellness programs and resources for physical and emotional well-being.
Full Job Description
Position Summary

As the Principal Application Security Engineer - Threat Research, you will sit at the forefront of securing modern healthcare technology, combining deep engineering expertise with advanced threat research to protect applications and sensitive data at scale. The position drives the design, implementation, and continuous improvement of security across complex environments. By embedding security directly into development pipelines and leveraging automation, this role ensures resilience, scalability, and integrity across the full software lifecycle.

Equally critical, this role contributes to the broader mission of transforming how healthcare data is secured, owned, and trusted. It plays a key part in advancing security practices through research, innovation, and mentorship-elevating engineering teams while shaping how secure systems are built across the enterprise. The impact extends beyond technology, helping enable a future where healthcare innovation is delivered with confidence, accountability, and a strong foundation of security.

Role Responsibilities:

Development & Enforcement
  • Develop and enforce engineering security policies and standards.
  • Develop and enforce data security policies and standards.
  • Drive security awareness across the organization.
  • Lead the development and enforcement of comprehensive security policies and standards, integrating advanced security practices throughout the software development lifecycle to mitigate risks and align with industry-leading security protocols.


Collaboration & Expertise
  • Collaborate with Engineering and Business teams to develop secure engineering practices.
  • Act as a pivotal security leader, driving the integration of secure engineering practices across the organization while liaising with senior management to ensure a cohesive security strategy that aligns with business objectives.


Analysis & Configuration
  • Analyze, develop, and configure security solutions across multi-cloud, on-premises, and colocation environments, ensuring application security, integrity, confidentiality, and availability of data.
  • Lead security testing, vulnerability analysis, and documentation.
  • Spearhead the evaluation and strategic deployment of cutting-edge security solutions, emphasizing scalability, performance, and adaptability, to fortify the organization's defense against evolving threats.


Operational Support
  • Participate in operational on-call duties to support a 24/7 infrastructure across multiple regions and environments (cloud, on-premises, colocation).
  • Lead by example in incident response situations, orchestrating rapid and effective responses while leveraging these experiences to bolster future resilience and response strategies.


Mentorship and Training
  • Demonstrated leadership skills with developing a comprehensive mentorship program for junior engineers, including organizing regular training sessions to elevate the team's technical and security skills. This role requires a commitment to fostering a culture of continuous improvement and knowledge sharing.


Innovation and Research
  • Proven track record with participation in security research and the exploration of next-generation security tools and practices. This includes encouraging the team to engage with the wider security community, contributing to open-source projects, and staying well-informed of emerging threats and innovative defense mechanisms.


Strategic Planning
  • Play a key role in the strategic planning of the organization's security roadmap, including conducting thorough risk assessments, allocating budgets for security initiatives, and aligning long-term security strategies with overarching business goals. This responsibility includes advocating for security within the company and ensuring that security considerations are paramount in all technology decisions.


Required Qualifications
  • 10+ years of experience in developing and deploying security technologies.
  • 7+ years of experience with one or more general-purpose programming/script languages including but not limited to: Java, C/C++, C#, Python, JavaScript, Shell Script, PowerShell.
  • 5+ years of with Public Cloud (AWS/Azure/GCP) & Network Security.
  • 5+ years of experience with Docker, Kubernetes, Security-as-Code, and Infrastructure-as-Code.
  • 5+ years of experience with implementing and managing data protection measures and compliance with data protection regulations (e.g., GDPR, CCPA).
  • 5+ years of experience designing, implementing, and managing Web Application Firewall (WAF) and Layer 7 security solutions.
  • 5+ years of experience performing vulnerability analysis and risk prioritization using industry-standard tools, with the ability to provide clear, actionable remediation guidance to engineering and development teams.
  • 3+ years of experience leading security initiatives from inception through to successful deployment, demonstrating exceptional project management skills and the ability to navigate complex stakeholder landscapes.


Preferred Qualifications
  • Strong technical expertise with Architecting Public Cloud solutions and processes.
  • Strong technical expertise with Networking and Software-Defined Networking (SDN) principles.
  • Strong technical expertise with developing and interpreting Network, Sequence, and Dataflow diagrams.
  • Experience with direct, remote, and virtual teams.
  • Understanding of at least one compliance framework (HIPAA, HITRUST, PCI, NIST, CSA).
  • Strong technical expertise with security solutions for data warehouses and big data platforms, particularly with technologies like Snowflake.
  • Strong technical expertise in defining and implementing cyber resilience standards, policies, and programs for distributed cloud and network infrastructure, ensuring robust redundancy and system reliability.
  • Experience in influencing industry security standards and contributing to open-source projects or security communities, highlighting a broader impact beyond the immediate organization.


Education
  • Bachelor's degree or equivalent experience (High School Diploma and 4 years relevant experience)


Pay Range

The typical pay range for this role is:

$144,200.00 - $288,400.00

This pay range represents the base hourly rate or base annual full-time salary for all positions in the job grade within which this position falls. The actual base salary offer will depend on a variety of factors including experience, education, geography and other relevant factors. This position is eligible for a CVS Health bonus, commission or short-term incentive program in addition to the base pay range listed above. This position also includes an award target in the company's equity award program.

Great benefits for great people

We take pride in offering a comprehensive and competitive mix of pay and benefits that reflects our commitment to our colleagues and their families.

This full-time position is eligible for a comprehensive benefits package designed to support the physical, emotional, and financial well-being of colleagues and their families. The benefits for this position include medical, dental, and vision coverage, paid time off, retirement savings options, wellness programs, and other resources, based on eligibility.

Additional details about available benefits are provided during the application process and on Benefits Moments.

We anticipate the application window for this opening will close on: 06/18/2026

About CVS Health

Omnicare provides comprehensive pharmaceutical services to patients and providers across the United States. As the market-leader in professional pharmacy, related consulting and data management services for skilled nursing, assisted living and other chronic care settings, Omnicare leverages its unparalleled clinical insight into the geriatric market along with some of the industry's most innovative technological capabilities to the benefit of its long-term care customers. Omnicare also provides key commercialization services for the bio-pharmaceutical industry through its Specialty Care Group.

CVS Health Careers

Joining CVS Health presents a unique opportunity to advance your career in a company where innovation, leadership, and growth go hand in hand. As a leader in the healthcare industry, CVS Health is more than just a pharmacy. We are a team of professionals dedicated to improving lives and optimizing health outcomes.

Work You’ll Do

At CVS Health, you will be part of a culture that values diversity and inclusivity, fostering an environment where every team member’s contribution is valued. Engage in meaningful work that directly impacts lives, driving innovation in healthcare services and solutions.

Explore Job Opportunities

Whether you’re looking for a position in pharmacy services, corporate leadership, or in-store management, CVS Health offers a variety of employment opportunities that will help you harness your skills and thrive professionally. Our job opportunities span across a wide range of professional fields and geographic locations, ensuring that your career at CVS Health aligns with your professional goals and lifestyle.

Internship Programs

Kickstart your career with CVS Health through our internship programs. These opportunities are designed for ambitious students eager to develop their skills in a real-world setting. Internships at CVS Health are not only about gaining work experience but also about making meaningful contributions to our ongoing projects.

Professional Growth and Development

CVS Health is committed to the professional growth of our employees. With access to cutting-edge technology, industry-leading experts, and comprehensive diversity training, our team members are equipped to lead and innovate. We support career advancement through professional development programs, leadership training, and opportunities for networking and internal mobility.

Benefits and Culture

Our employees enjoy a range of benefits that reflect our commitment to their well-being and success. From health and wellness benefits to professional development programs, CVS Health is dedicated to ensuring our team members have the resources they need. Our inclusive culture encourages collaboration and continuous learning, making CVS Health a place where you can grow and succeed.

Join Our Team

Ready to take the next step in your career? Explore the open positions at CVS Health that match your skills and interests. We are continuously hiring and looking for passionate, curious, and solution-driven team players.

Stay Connected

Keep up to date with the latest news, career tips, and industry insights from CVS Health. Personalize your experience by subscribing to job alert emails, tailored to your preferences and professional interests. Discover the rewarding opportunities that await at CVS Health, where your career development is always a priority.

Search CVS Health Jobs

Don’t just look for a job. Look for a place where you can be a part of something bigger. Visit our careers page to find the position that’s right for you and join a team that values innovation and leadership in healthcare.

READ CAREERS BLOG

Stay ahead in your career with insights from those who know CVS Health best – our team. Learn from their experiences and get insider tips that can help you succeed in your next interview, craft a standout resume, and build a career you’re proud of at CVS Health.
Learn more about CVS Health
Size
300,000 employees
Market Cap
$122 billion
Industry
Pharmaceuticals & Biotech
Net Income
$7.1 billion
Founded
1963
5 Year Trend
+10.5%
Revenue
$268.7 billion
NASDAQ
CVS
* Ladders Estimates

Similar Jobs

Ad banner background

Get Ready For Your
Next Interview

More Jobs at CVS Health

More Healthcare Jobs

Find similar Principal Application Security Engineer - Threat Research jobs:

NationwideNew York, NY