Hm Health Solutions Inc.
Job Description:
This job is responsible for assisting in application security testing, including source code review, automating the application security testing process and developing application security solutions to influence organizational efficiency and security. Assists in evaluating security risk assessments and presenting security information to workforce and management. Serves as a resource to the workforce regarding security-based questions and problems.
- Work jointly with Development Teams, QA, Architects and Security teams to review application code and to tune selected tools for evaluation and reporting on security posture of applications and back-end systems.
- Assist in conducting web and mobile application security vulnerability assessments with Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST), using scanning tools / manual checks, and notify the appropriate teams to take necessary actions.
- Complete project tasks to enable the on-time, within-budget and in-scope delivery of information security projects.
- Assist in the identification of potential security exposure that may currently exist or may pose a potential future threat to the organization.
- Assist in troubleshooting security issues, evaluate security risk assessments and present security information to workforce and management.
- Apply an understanding of modern web application development languages necessary to communicate mitigating controls and potential remediation activities.
- Assist workforce with security-based questions and problems.
- Other duties as assigned or requested.
- Bachelor’s Degree in Information Systems, Computer Science, Information Security, or Engineering or 6 years of relevant, progressive experience in lieu
- 1 year in Information Security and Systems Analysis
- 1 year with Technology Platforms and Application Development Tools
- 1 year with Business Process
- 1 year with Software Development Life Cycle
- Experience working with SAST and DAST Assessment using tools like Veracode, SonarQube, BurpSuite, or HP Fortify
- Familiarity with secure SDLC best practices
- Basic understanding of OWASP Top 10 Vulnerabilities.
- Understanding how to read and review code in any of these languages: ASP.NET, Java, C++, C, Angular, Ruby on Rails
- Understanding of DevOps and DevSecOps
Referral Bonus: Level 1
- Presentation Delivery
- Analytical and Logical Reasoning/Thinking
- Ability to learn and retain new skills in a changing technical environment
Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, religion, sex, national origin, sexual orientation/gender identity or any other category protected by applicable federal, state or local law. Highmark Health and its affiliates take affirmative action to employ and advance in employment individuals without regard to race, color, religion, sex, national origin, sexual orientation/gender identity, protected veteran status or disability.
EEO is The Law
Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled/Sexual Orientation/Gender Identity (http://www1.eeoc.gov/employers/upload/eeoc_self_print_poster.pdf)
We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact the number below.
For accommodation requests, please contact HR Services Online at HRServices@highmarkhealth.org