CVS Health

Senior Manager - Application Security Engineering

CVS Health$118K — $260K *
US-Anywhere
+ 5 other locationsRemote
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 7+ years in enterprise security technologies across relevant cybersecurity domains.
  • 7+ years leading security programs from design to operationalization.
  • 5+ years securing cloud-native environments with AWS, Azure, or GCP.
  • 5+ years managing secure software development lifecycle and vulnerability management.
  • 4+ years with application security technologies including SAST and software supply chain security.
  • 2+ years managing and developing security teams.

Responsibilities

  • Lead design and governance of enterprise application security programs.
  • Establish security requirements and automated controls for secure software delivery.
  • Drive secure coding practices across engineering organizations.
  • Oversee end-to-end vulnerability management lifecycle.
  • Establish metrics and processes for accountability and risk reduction.
  • Lead response efforts for critical vulnerabilities including stakeholder communication.
  • Drive adoption of modern security technologies and DevSecOps capabilities.

Benefits

  • Medical, dental, and vision coverage.
  • Paid time off and retirement savings options.
  • Wellness programs and resources for colleagues and their families.
  • Flexible work environment with remote position availability.
Full Job Description
POSITION SUMMARY

CVS Health is seeking a Senior Manager, Application Security Engineering to lead enterprise application security, vulnerability management, secure software delivery, and security engineering capabilities across a complex technology environment.

Within the Cybersecurity organization, this leader will be responsible for managing and advancing application security programs that help protect CVS Health applications and technology platforms throughout the software development lifecycle. The role will partner closely with Engineering, Architecture, Infrastructure, Product, Risk, Compliance, and Cybersecurity teams to integrate security into development processes and support secure delivery of business solutions.

The Senior Manager will lead a team responsible for application security engineering, vulnerability management, software supply chain security, security automation, and developer security enablement. This role will oversee security standards, tooling, governance, risk reduction activities, and operational processes that support enterprise technology portfolios and strategic initiatives, including Health 100.

Additionally, this leader will help build and scale security capabilities that improve developer adoption, increase automation, strengthen secure software development practices, and support enterprise DevSecOps initiatives.

This is a U.S.-based remote position. Candidates must reside within the United States.

PRIMARY DUTIES AND RESPONSIBILITIES

Application Security & Secure Software Delivery
  • Lead the design, implementation, and governance of enterprise application security programs, secure development standards, and software supply chain security practices.
  • Establish security requirements, security definitions of done, launch readiness criteria, and automated controls that enable secure software delivery across cloud-native, hybrid, and legacy environments.
  • Drive adoption of secure coding practices and developer-focused security capabilities across enterprise engineering organizations.


Vulnerability Management & Security Operations
  • Oversee the end-to-end vulnerability management lifecycle, including identification, prioritization, remediation, exception management, validation, and reporting.
  • Establish operational metrics, service level objectives, governance processes, and executive reporting mechanisms that drive accountability and measurable risk reduction.
  • Lead enterprise response efforts for critical and zero-day vulnerabilities, including risk assessment, stakeholder communication, remediation coordination, and executive reporting.


Security Engineering, DevSecOps & Platform Innovation
  • Drive adoption of modern security technologies and DevSecOps capabilities, including SAST, SCA, container security, secrets management, software bill of materials (SBOM), and software supply chain security solutions.
  • Lead automation of security controls within CI/CD pipelines to improve operational efficiency, strengthen risk mitigation, and accelerate secure software delivery.
  • Evaluate, implement, and optimize application security, cloud security, and software supply chain security technologies across on-premises, cloud, and hybrid environments.
  • Assess and adopt emerging technologies, including AI-powered security and developer productivity solutions, that improve security outcomes and operational effectiveness.


Leadership, Strategy & Enterprise Partnership
  • Lead and develop a high-performing team of security professionals while fostering a culture of technical excellence, accountability, innovation, and continuous improvement.
  • Build and scale security programs that drive developer adoption, self-service security capabilities, and DevSecOps maturity across enterprise engineering teams.
  • Partner across Engineering, Product, Architecture, Infrastructure, Risk, Compliance, and Cybersecurity teams to define strategic roadmaps, enable secure engineering practices, and support enterprise transformation initiatives, including Health 100.
  • Drive workforce development, capacity planning, operational readiness, and execution of strategic security objectives.


REQUIRED QUALIFICATIONS
  • 7+ years of experience developing, implementing, and operating enterprise security technologies across Application Security, Container Security, Data Security, Infrastructure Security, or related cybersecurity domains.
  • 7+ years of experience leading security programs and initiatives from design and implementation through operationalization and continuous improvement within enterprise environments.
  • 5+ years of experience securing cloud-native and modern application environments leveraging AWS, Azure, or GCP, including containers, Kubernetes, Infrastructure-as-Code (IaC), and Security-as-Code practices.
  • 5+ years of experience supporting secure software development lifecycle (SDLC) programs, vulnerability management, security testing, regulatory compliance, and enterprise application portfolios.
  • 4+ years of experience with application security technologies including SAST, SCA, CVA, mobile application security testing, secrets scanning, software supply chain security, and developer enablement programs.
  • 2+ years of experience leading, mentoring, managing, and developing security engineering, application security, vulnerability management, or cybersecurity teams.


PREFERRED QUALIFICATIONS
  • Experience architecting, securing, and modernizing enterprise applications, CI/CD pipelines, and cloud-native platforms across multi-cloud, hybrid, and legacy environments, including containerized, serverless, microservices-based, monolithic, and mainframe architectures.
  • Experience with application security, software composition analysis (SCA), software bills of materials (SBOM), software supply chain security, developer enablement programs, and secure software delivery practices utilizing platforms such as JFrog, Snyk, Veracode, Wiz, GitGuardian, Prisma Cloud, or similar technologies.
  • Experience supporting highly regulated environments and compliance frameworks including HIPAA, HITRUST, PCI-DSS, NIST, CSA, and related security and risk management standards.
  • Experience leading enterprise-scale transformation, application modernization, DevSecOps, and security automation initiatives, including building and scaling security programs, developer enablement capabilities, self-service security platforms, executive reporting, KPIs, KRIs, security scorecards, portfolio governance, and risk management programs.
  • Experience leveraging AI-powered technologies such as Claude, Claude Code, GitHub Copilot, Microsoft Copilot, and similar platforms to automate vulnerability remediation, integrate MCP-based security scanning, implement security controls within CI/CD pipelines, enhance developer enablement, and improve secure software delivery at enterprise scale.


EDUCATION

Bachelor's degree from an accredited college or university, or equivalent combination of education and relevant work experience (High School Diploma/GED plus 4 years of related experience).

Pay Range

The typical pay range for this role is:

$118,450.00 - $260,590.00

This pay range represents the base hourly rate or base annual full-time salary for all positions in the job grade within which this position falls. The actual base salary offer will depend on a variety of factors including experience, education, geography and other relevant factors. This position is eligible for a CVS Health bonus, commission or short-term incentive program in addition to the base pay range listed above. This position also includes an award target in the company's equity award program.

Our people fuel our future. Our teams reflect the customers, patients, members and communities we serve and we are committed to fostering a workplace where every colleague feels valued and that they belong.

Great benefits for great people

We take pride in offering a comprehensive and competitive mix of pay and benefits that reflects our commitment to our colleagues and their families.

This full-time position is eligible for a comprehensive benefits package designed to support the physical, emotional, and financial well-being of colleagues and their families. The benefits for this position include medical, dental, and vision coverage, paid time off, retirement savings options, wellness programs, and other resources, based on eligibility.

Additional details about available benefits are provided during the application process and on Benefits Moments.

We anticipate the application window for this opening will close on: 08/31/2026

About CVS Health

Omnicare provides comprehensive pharmaceutical services to patients and providers across the United States. As the market-leader in professional pharmacy, related consulting and data management services for skilled nursing, assisted living and other chronic care settings, Omnicare leverages its unparalleled clinical insight into the geriatric market along with some of the industry's most innovative technological capabilities to the benefit of its long-term care customers. Omnicare also provides key commercialization services for the bio-pharmaceutical industry through its Specialty Care Group.

CVS Health Careers

Joining CVS Health presents a unique opportunity to advance your career in a company where innovation, leadership, and growth go hand in hand. As a leader in the healthcare industry, CVS Health is more than just a pharmacy. We are a team of professionals dedicated to improving lives and optimizing health outcomes.

Work You’ll Do

At CVS Health, you will be part of a culture that values diversity and inclusivity, fostering an environment where every team member’s contribution is valued. Engage in meaningful work that directly impacts lives, driving innovation in healthcare services and solutions.

Explore Job Opportunities

Whether you’re looking for a position in pharmacy services, corporate leadership, or in-store management, CVS Health offers a variety of employment opportunities that will help you harness your skills and thrive professionally. Our job opportunities span across a wide range of professional fields and geographic locations, ensuring that your career at CVS Health aligns with your professional goals and lifestyle.

Internship Programs

Kickstart your career with CVS Health through our internship programs. These opportunities are designed for ambitious students eager to develop their skills in a real-world setting. Internships at CVS Health are not only about gaining work experience but also about making meaningful contributions to our ongoing projects.

Professional Growth and Development

CVS Health is committed to the professional growth of our employees. With access to cutting-edge technology, industry-leading experts, and comprehensive diversity training, our team members are equipped to lead and innovate. We support career advancement through professional development programs, leadership training, and opportunities for networking and internal mobility.

Benefits and Culture

Our employees enjoy a range of benefits that reflect our commitment to their well-being and success. From health and wellness benefits to professional development programs, CVS Health is dedicated to ensuring our team members have the resources they need. Our inclusive culture encourages collaboration and continuous learning, making CVS Health a place where you can grow and succeed.

Join Our Team

Ready to take the next step in your career? Explore the open positions at CVS Health that match your skills and interests. We are continuously hiring and looking for passionate, curious, and solution-driven team players.

Stay Connected

Keep up to date with the latest news, career tips, and industry insights from CVS Health. Personalize your experience by subscribing to job alert emails, tailored to your preferences and professional interests. Discover the rewarding opportunities that await at CVS Health, where your career development is always a priority.

Search CVS Health Jobs

Don’t just look for a job. Look for a place where you can be a part of something bigger. Visit our careers page to find the position that’s right for you and join a team that values innovation and leadership in healthcare.

READ CAREERS BLOG

Stay ahead in your career with insights from those who know CVS Health best – our team. Learn from their experiences and get insider tips that can help you succeed in your next interview, craft a standout resume, and build a career you’re proud of at CVS Health.
Learn more about CVS Health
Size
300,000 employees
Market Cap
$122 billion
Industry
Net Income
$7.1 billion
Founded
1963
5 Year Trend
+10.5%
Revenue
$268.7 billion
NASDAQ

Similar Jobs

More Jobs at CVS Health

More Information Technology Jobs

Find similar Senior Manager - Application Security Engineering jobs: