Description
Bring your heart to CVS Health. Every one of us at CVS Health shares a single, clear purpose: Bringing our heart to every moment of your health. This purpose guides our commitment to deliver enhanced human-centric health care for a rapidly changing world. Anchored in our brand — with heart at its center — our purpose sends a personal message that how we deliver our services is just as important as what we deliver. Our Heart At Work Behaviors™ support this purpose. We want everyone who works at CVS Health to feel empowered by the role they play in transforming our culture and accelerating our ability to innovate and deliver solutions to make health care more personal, convenient and affordable. *Position Summary* CVS Health Digital is looking for a *Sr. Security Full Stack Engineer II *who is enthusiastic about designing and building secure platforms and applications. The ideal candidate will feel comfortable working with both front-end and back-end application developers, as well as in building, automating and securing on-premise as well as cloud based applications, preferably on the Google Cloud Platform(GCP) which includes designing, developing, and implementing digital solutions and systems by applying advanced technical expertise to architect and code software applications, conduct system testing and debugging, collaborate with cross functional teams, and contribute to the overall technical direction and innovation of digital engineering projects. *What you will do * * Candidates will be working with a strong security engineering team to help transform the way systems are built, secured, authorized, and securely operated for continuous compliance and risk mitigation * Leads efforts to implement security patterns and practices with orchestration and automation tools that automate the secure configuration, verification, compliance, and authorization of systems * Participates as a member of a team tasked with maturing the organization's software development and security practices * Contributes to solution design and architecture discussions, collaborating with architects and senior engineers. Works with other developers and team members to implement complex features and scalable solutions that meet business requirements and ensure the delivery of high-quality code * Communicates and coordinates with team members to ensure alignment, provide technical insights, and contribute to decision-making processes. Participates in knowledge sharing activities, such as code reviews, tech talks, and workshops, to foster a culture of learning and collaboration within the team * Contributes to the adoption of best practices, new technologies, and tools to enhance productivity, efficiency, and code quality * Provides guidance and mentorship to junior developers, helping them improve their technical skills and grow professionally Work Breakdown Structure * 70% of the role will be Backend focused and 30% will be Front end focused *Required Qualifications* * 7+ years of hands-on experience in Security Engineering * 7+ years of experience with building microservices * 5+ years implementing and/or utilizing Federal, Industry and Open-Source Security Guidance and Secure Coding Practices such as (OWASP Top 10, SANS, CERT, CWE Top 25, Critical Security Controls, Cloud Security Alliance, SafeCode etc.) * 5+ years hands on usage with both compiled and interpreted languages such as Angular, React, Node.js, Java, Spring Boot, IBM WebSphere App server, Oracle JBoss, .NET stack * 3+ years building and deploying secure complex distributed web and mobile applications * 3+ years of GCP, AWS or AZURE experience * 3+ years of experience with Docker/Kubernetes and micro-services architecture *Preferred Qualifications* * Provide guidance to the respective application teams on how to remediate Pen Test, DAST, SAST Web Application and Mobile Application scan finding * Experience working with Security Compliance Frameworks (ISO 27001, NIST, PCI-DSS, HIPAA, Sarbanes-Oxley, SSAE16, SOC2) * Experience with working with SAST and DAST tools like Data Theorem, Checkmarx, Nexus IQ, Veracode, Twistlock and or Qualys * Experience working with Agile methodology and phase-based delivery methods * Continuous Integration / Continuous Deployment strategies and tools experience * Experience utilizing Security testing tools (scanners, static and dynamic code analysis) * Knowledge of and experience with networking, infrastructure, secure application development and security automation (DevSecOps) * Automate security validation testing against on-premises and cloud-based platforms * Experience in handling the production deployment releases with release management * Work with Global Security office to translate traditional data center security controls and guidelines into cloud centric controls *Education* * Bachelor's degree or, equivalent experience (HS diploma + 4 years relevant experience) *BUSINESS OVERVIEW* Bring your heart to CVS Health Every one of us at CVS Health shares a single, clear purpose: Bringing our heart to every moment of your health. This purpose guides our commitment to deliver enhanced human-centric health care for a rapidly changing world. Anchored in our brand — with heart at its center — our purpose sends a personal message that how we deliver our services is just as important as what we deliver. Our Heart At Work Behaviors™ support this purpose. We want everyone who works at CVS Health to feel empowered by the role they play in transforming our culture and accelerating our ability to innovate and deliver solutions to make health care more personal, convenient and affordable. We strive to promote and sustain a culture of diversity, inclusion and belonging every day. CVS Health is an affirmative action employer, and is an equal opportunity employer, as are the physician-owned businesses for which CVS Health provides management services. We do not discriminate in recruiting, hiring, promotion, or any other personnel action based on race, ethnicity, color, national origin, sex/gender, sexual orientation, gender identity or expression, religion, age, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law. We proudly support and encourage people with military experience (active, veterans, reservists and National Guard) as well as military spouses to apply for CVS Health job opportunities. *Pay Range* The typical pay range for this role is: $118,450.00 - $236,900.00 This pay range represents the base hourly rate or base annual full-time salary for all positions in the job grade within which this position falls. The actual base salary offer will depend on a variety of factors including experience, education, geography and other relevant factors. This position is eligible for a CVS Health bonus, commission or short-term incentive program in addition to the base pay range listed above. This position also includes an award target in the company's equity award program. In addition to your compensation, enjoy the rewards of an organization that puts our heart into caring for our colleagues and our communities. The Company offers a full range of medical, dental, and vision benefits. Eligible employees may enroll in the Company's 401(k) retirement savings plan, and an Employee Stock Purchase Plan is also available for eligible employees. The Company provides a fully-paid term life insurance plan to eligible employees, and short-term and long term disability benefits. CVS Health also offers numerous well-being programs, education assistance, free development courses, a CVS store discount, and discount programs with participating partners. As for time off, Company employees enjoy Paid Time Off (“PTO”) or vacation pay, as well as paid holidays throughout the calendar year. Number of paid holidays, sick time and other time off are provided consistent with relevant state law and Company policies. For more detailed information on available benefits, please visit [jobs.CVSHealth.com/benefits](https://jobs.cvshealth.com/benefits) We anticipate the application window for this opening will close on: 08/26/2024
Apply on company website
Find Connections via Linkedin
