
Application Security Engineer

Cognizant North America
life insurance, parental leave, paid time off, paid holidays, 401(k)
United States, Virginia, Norfolk
Jan 04, 2025

This position is open to remote in the United States. A qualified applicant must be local to this area.

*Please note, this role is not able to offer visa transfer or sponsorship now or in the future*

Practice - CIS - Cloud, Infrastructure, and Security Services

About Cloud Infrastructure & Security Services: Cognizant's Cloud, Infrastructure, and Security Services Practice (CIS) is all about embracing digital transformation by driving core modernization holistically across layers. We help customers transform infrastructure and workplace to meet the rapidly evolving needs of the digital era. Our holistic approach delivers key results for our customers by achieving cloud-driven modernization and workplace and operational transformation to run the business in a secure environment.

Job Summary

We are seeking a highly skilled Application Security Engineer with 8 to 10 years of experience to join our team. The ideal candidate will have expertise in security practices, including OWASP Top 10, OWASP-ZAP, and HCL AppScan, with experience in the Healthcare - Payer domain.

Responsibilities & Core Job Duties:

  • Security Evaluation: Evaluate security architectures and designs to determine the adequacy of security design and architecture.
  • Security Control Documentation: Determine the protection needs (i.e., security controls) for the information system(s) and network(s) and document appropriately.
  • Define Security Patterns: Create security patterns, providing frameworks or templates for addressing recurring cybersecurity issues.
  • Collaboration with Developers and Operations: Work closely with both developers and operations teams to ensure the deployment of secure solutions.
  • Stay Updated with Security Trends: Remain current with new security vulnerabilities, threats, and industry developments to ensure that security solutions and protocols are up-to-date.
  • Training and Development: Train other team members and developers on current security practices and potential threats.
  • Infrastructure Security Design: Collaborate with the infrastructure architect to design a secure environment.
  • Okta Integration: Assess and ensure the secure integration and configuration of Okta for identity and access management within the organization's applications.
  • Illumio Segmentation: Analyze and define security boundaries using Illumio for network segmentation to protect sensitive data and reduce attack surfaces.
  • Code Review: Conduct thorough reviews of application code to identify and remediate security vulnerabilities, ensuring the codebase adheres to best security practices.
  • Incorporate Security Patterns: Ensure that established security patterns and protocols are effectively incorporated into the application development process to maintain robust security standards.
  • Secure Coding Practices: Implement best practices for secure coding and advise development teams on mitigating security issues in their code.
  • Lead the design and implementation of security architectures to protect critical systems and data.
  • Oversee the development and enforcement of security policies and procedures.
  • Provide guidance on security best practices to development teams.
  • Conduct regular security assessments and vulnerability testing using OWASP-ZAP and HCL AppScan.
  • Ensure compliance with OWASP Top 10 security standards.
  • Collaborate with cross-functional teams to integrate security measures into the software development lifecycle.
  • Monitor and respond to security incidents and breaches.
  • Develop and deliver security training and awareness programs.
  • Evaluate and recommend security tools and technologies.
  • Perform risk assessments and develop mitigation strategies.
  • Support the implementation of security controls in the Healthcare-Payer domain.
  • Stay updated with the latest security trends and threats.
  • Contribute to the continuous improvement of the company's security posture.

Qualifications

  • Must have extensive experience with OWASP Top 10 security practices.
  • Should be proficient in using OWASP-ZAP for security testing (SAST, DAST, OSS, etc.).
  • Must have hands-on experience with HCL AppScan (Nice to Have: Checkmarx, GitLab, Fortify, Veracode, Coverity, etc.).
  • Experience in Secure Coding (Java, C++, Python, .NET, etc.).
  • Should have domain expertise in Payer.
  • Must possess strong analytical and problem-solving skills.
  • Should have excellent communication and collaboration abilities.
  • Must be able to work effectively in a hybrid-matrix work model.
  • Should have a proactive approach to identifying and mitigating security risks.
  • Must be detail-oriented and able to manage multiple tasks simultaneously.
  • Should have a strong understanding of security frameworks and standards.
  • Must be able to develop and implement security policies and procedures.
  • Should have experience in conducting security training and awareness programs.
  • Must be committed to continuous learning and professional development.

Salary and Other Compensation:

Applications will be accepted until 2/3/2025.

The annual salary for this position is between $84,600 and $134,000, depending on experience and other qualifications of the successful candidate.

This position is also eligible for Cognizant's discretionary annual incentive program and stock awards, based on performance and subject to the terms of Cognizant's applicable plans.

Benefits: Cognizant offers the following benefits for this position, subject to applicable eligibility requirements:

  • Medical/Dental/Vision/Life Insurance
  • Paid holidays plus Paid Time Off
  • 401(k) plan and contributions
  • Long-term/Short-term Disability
  • Paid Parental Leave
  • Employee Stock Purchase Plan