Posted in

Distinguished Engineer – Application Security Engineering

Distinguished Engineer – Application Security Engineering

CompanyCVS Health
LocationNew York, NY, USA
Salary$175100 – $334750
TypeFull-Time
Degrees
Experience LevelExpert or higher

Requirements

  • 15+ years of experience in developing and deploying security technologies.
  • 12+ years of experience with one or more general-purpose programming/script languages including but not limited to: Java, C/C++, C#, Python, JavaScript, Shell Script, PowerShell.
  • Proficiency in Public Cloud (AWS/Azure/GCP) & Network Security.
  • Experience with Docker, Kubernetes, Security-as-Code, and Infrastructure-as-Code.
  • Strong experience with implementing and managing data protection measures and compliance with data protection regulations (e.g., GDPR, CCPA).
  • Experience with directing remote/virtual/hybrid teams.
  • Proven track record in leading security initiatives from inception through to successful deployment, demonstrating exceptional project management skills and the ability to navigate complex stakeholder landscapes.

Responsibilities

  • Define application security coding, design, development best practices, selecting and using frameworks and security-specific cloud technologies and products.
  • Define standards and processes for evaluating application compliance with standards and best practices.
  • Develop and drive application security awareness training programs across the organization.
  • Ready to review hands-on application implementations, as well as getting involved in high-risk, complex application designs, architectures and development.
  • Lead the development of comprehensive application and data security policies and standards, integrating advanced security practices throughout the software development lifecycle to mitigate risks and align with industry-leading security protocols.
  • Design and develop imaginative technical solutions to address vulnerabilities in unsupported vendor products.
  • Collaborate with Engineering and Business teams to develop secure engineering practices.
  • Act as a pivotal security leader, driving the integration of secure engineering practices across the organization while liaising with senior management to ensure a cohesive security strategy that aligns with business objectives.
  • Analyze novel security attack vectors and design countermeasures, using internally designed and developed tools or vendor products.
  • Analyze intrusion detection events and design near-real time strategies for containment over and above existing SOPs, as needed.
  • Lead pen-testing and incident post-mortem analysis and design measures for further improving the application security posture.
  • Lead cleanup and recovery efforts exercises.
  • Analyze, develop, and configure security solutions across multi-cloud, on-premises, and colocation environments, ensuring application security, integrity, confidentiality, and availability of data.
  • Spearhead the evaluation and strategic deployment of cutting-edge security solutions, emphasizing scalability, performance, and adaptability, to fortify the organization’s defense against evolving threats.
  • Participate in operational on-call duties to support a 24/7 infrastructure across multiple regions and environments (cloud, on-premises, colocation).
  • Lead by example in incident response situations, orchestrating rapid and effective responses while leveraging these experiences to bolster future resilience and response strategies.
  • Demonstrated leadership skills with developing a comprehensive mentorship program for junior engineers, including organizing regular training sessions to elevate the team’s technical and security skills.
  • Proven track record with participation in security research and the exploration of next-generation security tools and practices. This includes encouraging the team to engage with the wider security community, contributing to open-source projects, and staying well-informed of emerging threats and innovative defense mechanisms. As needed, prototype attack vectors and counteractions.
  • Active in the security industry bodies and committees to influence the development of novel security standards.

Preferred Qualifications

  • Strong technical expertise with Architecting Public Cloud solutions and processes.
  • Strong technical expertise with Networking and Software-Defined Networking (SDN) principles.
  • Strong technical expertise with developing and interpreting Network, Sequence, and Dataflow diagrams.
  • Understanding of at least one compliance framework (HIPAA, HITRUST, PCI, NIST, CSA).
  • MSSP or similar certifications
  • Strong technical expertise with security solutions for data warehouses and big data platforms, particularly with technologies like Snowflake.
  • Strong technical expertise in defining and implementing cyber resilience standards, policies, and programs for distributed cloud and network infrastructure, ensuring robust redundancy and system reliability.
  • Experience in influencing industry security standards and contributing to open-source projects or security communities, highlighting a broader impact beyond the immediate organization.