- Play a lead role in developing expert knowledge of Product Security, requirements, tools, and working methods across CAQH.
- Ideate, communicate, and guide the implementation of complex vulnerability mitigation strategies to development teams.
- Conduct manual and automated security assessments and code reviews to identify vulnerabilities within applications.
- Collaborate with Product, Technology, and broader security teams to provide recommendations for solutions focused on decreasing business risks.
- Perform threat modeling to identify potential security issues before they can be exploited. This involves understanding the attack surface of applications and predicting potential attack vectors.
- Deliver reports on completed tests and document technical issues identified during the assessments.
- Evaluate, select, and deploy security tooling to automate the detection of security vulnerabilities. This may include integrating security tools into continuous integration/continuous deployment (CI/CD) pipelines.
- Lead or participate in the response to security incidents, including conducting post-mortem analysis to prevent future occurrences.
- Ensure applications comply with relevant security standards and regulations. This may involve collaborating with auditors and performing regular security assessments.
- None.
- Understanding of containerization technologies.
- Demonstrated expertise in product/application security architecture.
- Experience with threat modeling, risk analysis and control design.
- In depth knowledge of network security, authentication, and authorization.
- Experience with Security integration into CI/CD and experience in driving CI/CD adaptation for security controls.
- Advanced understanding of vulnerability exploitation chaining, and vulnerability remediation.
- Strong familiarity with software development lifecycle (SDLC) processes and source control technologies.
- 7+ Years of overall IT Experience with a major emphasis on application security.
- Development experience in any modern programming language (including but not limited to Python, C++, Rust, Go).
- Strong knowledge of Cloud Providers (Azure).
- Bachelor's degree in computer science or related field or possess the equivalent combination of industry related professional experience and education.
- GWEB, CASE, CISSP, CSSLP certifications preferred.
-
Security Engineer
3 weeks ago
Verotis Washington, United StatesVerotis is seeking an experienced Security Engineer to support security operations, strategy, planning, architecture, vulnerability assessments and remediation, and coordination with various government security entities. This includes the documentation of security strategy, plann ...
-
Security Engineer
4 weeks ago
ARK Solutions, Inc. Washington, United StatesCLIENT: Federal · Position : Security Engineer/ Splunk Engineer · 6 months Contract · Washington, DC (Onsite) · Education: Bachelor's degree in in Cybersecurity or related field. · Required Skills: "Five (5) to seven (7) years of hands-on experience with security monitoring tool ...
-
Security Engineer
3 weeks ago
Global InfoTek Washington, United StatesClearance Level: Top Secret clearance with SCI eligibility · US Citizenship: Required · Job Classification: Full-time · Location: District of Columbia · Experience: 5 years of experience in system security analysis and implementation; secure system engineering or design; and ...
-
Cloud Security Engineer
1 week ago
Constellation West Washington, United StatesConstellation West is seeking a highly motivated Cloud Engineer to join our team in pursuing a contract with the USDA. This presents a distinctive chance for an experienced Federal Government contractor with CCSP and AZ-900 certifications to contribute to the writing and speak on ...
-
Cloud Security Engineer
1 week ago
Constellation West Washington, United StatesConstellation West is seeking a highly motivated Cloud Engineer to join our team in pursuing a contract with the USDA. This presents a distinctive chance for an experienced Federal Government contractor with CCSP and AZ-900 certifications to contribute to the writing and speak on ...
-
Security Operations Engineer
1 week ago
Abacus Washington, United StatesCandidates Request Form · 1 · Job Title · Security Operations Engineer · 2 · Client Company/Dept. Name · Congressional Budget Office · 3 · Address · FHOB, 2nd & D Streets SW · Washington, DC 20515 · City Name · DC · State Name · WA-Washington · Zip Code · If others ...
-
Security Engineer, Senior
2 days ago
Booz Allen Hamilton Washington, United StatesJob Number: R · Security Engineer, Senior · The Opportunity: · Are you looking for an opportunity to share your experience in Security engineering to safeguard our nation? As a systems security engineer, you can identify the technologies needed to assess vulnerabilities and rec ...
-
Network Security Engineer
3 days ago
Marathon TS Washington, United StatesMarathon TS is hiring a Network Security Engineer to support our client in the Washington DC area. This is a 100% remote role, and the best candidate will be a clearable US citizen and have the following skills: · Provide technical and administrative direction for problem definit ...
-
Network Security Engineer
2 weeks ago
ECS Limited Washington, United StatesECS is seeking a · Network Security Engineer · to work in our · Washington, DC · office. · Please Note: · This position is contingent upon contract award. · Job Description: · Day-to-day triage, investigation, and mitigation of security threats, network incidents as well ...
-
Sr Security Engineer
3 weeks ago
Gridiron IT Washington, United StatesGridIron IT is seeking a · Security Engineer local · to · Washington DC. · Onsite 2/3 days a week in Washington, DC. DOJ Public Trust requirement- If the candidate does not have one, must be eligible to clear. TS or Secret can qualify for reciprocity. Veteran is a plus (not a ...
-
Information Security Engineer
2 days ago
District of Columbia Courts Washington, United StatesSummary The Information Technology Division is responsible for the planning, development and management of the information technology systems and subsystems that support DC Courts' case flow, office automation, special programs, and management operations. The Information Security ...
-
Product Security Engineer
3 weeks ago
CoStar Realty Information, Inc. Washington, United StatesProduct Security Engineer - Web Applications · Job Description · Overview · CoStar Group (NASDAQ: CSGP) is a leading global provider of commercial and residential real estate information, analytics, and online marketplaces. Included in the S&P 500 Index and the NASDAQ 100, CoS ...
-
System Security Engineer
2 weeks ago
Nationwide IT Services, Inc. Washington, United StatesSystem Security Engineer Washington, DC Apply Now · System Security Engineer · Active Top Secret/SCI eligible Clearance Required DOE Clearable · Washington DC · Position Overview: · Nationwide IT Services is seeking a Physical Security Specialist to support our Federal Client in ...
-
Senior Application Security Engineer
3 weeks ago
TalentRemedy Washington, United StatesThe Sr. Application Security Engineer is a technology and process focused security professional with extensive experience in Development Operations, Software Engineering, Application Security and/or Information Security disciplines. This individual will be at the forefront of our ...
-
DevOps Security Engineer
2 weeks ago
Prime Source Technologies Washington, United StatesShare this job as a link in your status update to LinkedIn. · Job Title · DevOps Security Engineer · Job Type · Full-time · Location · Washington, DC US (Primary) · Job Description · Prime Source Technologies is currently seeking a DevSecOps Engineer to support our client. · Dut ...
-
Sr. Security Engineer
3 weeks ago
Funko Washington, United StatesFunko Overview · Welcome to the Funko-verse, a world built on pure imagination, a land governed by the philosophy that stories matter, a universe comprised of characters from countless fandoms, a galaxy of once upon a times and happily ever afters. · But what does Funko do? · Fun ...
-
Cyber Security Engineering
3 weeks ago
Bering Straits Native Corporation (BSNC) Washington, United StatesOverview: · Visit our website at to apply · Equal Opportunity Employer/Veterans/Disabled · SUMMARY · Bering Global Solutions (BGS) a subsidiary of Bering Straits Native Corporation is currently seeking a qualified Cyber Security Engineer (SIEM/SOAR) for Washington D.C. · ...
-
Security Engineer II
3 weeks ago
Agile Defense Washington, United StatesAgile Defense provides leading-edge Digital Transformation solutions to support and advance our customers' mission. We deliver innovative and high-quality services to our customers worldwide through an empowered and engaged workforce. · Job Title: · Security Engineer II · Locati ...
-
Software Security Engineer
1 week ago
ClearFocus Technologies Washington, United StatesClearFocus Technologies, a HUBZone certified company, is located in Leesburg, VA.We specialize in cybersecurity and support multiple government and commercial clients for a variety · of missions. We value our clients, integrity and employees and believe a single person can make ...
-
Intermediate Security Engineer
2 weeks ago
Chenega MIOS SBU Washington, United StatesReq ID:31178 · Summary · Intermediate Security Engineer (Cloud/DevSecOps) · Hybrid Schedule: In person, in the Washington, DC office twice a pay period. · Are you ready to enhance your skills and build your career in a rapidly evolving business climate? Are you looking for a ca ...
Sr. Application Security Engineer - Washington, United States - Council for Affordable Quality Healthcare
3 weeks ago
Description
Position Summary:The Sr. Application Security Engineer is a technology and process focused security professional with extensive experience in Development Operations, Software Engineering, Application Security and/or Information Security disciplines. This individual will be at the forefront of our security efforts, partnering closely with product and application developers to establish and elevate best practices for secure software development. They will advise, implement, and train teams on the processes, tools, and automation needed to fortify the SDLC and safeguard CAQH's products and applications.
The Sr. Application Security Engineer is a full-time, remote, exempt position and reports to the CISO.
Specific Responsibilities:
Named one Modern Healthcare's "Best Places to Work," CAQH has helped nearly 1,000 health plans, 2+ million providers, government entities and vendors connect, exchange information and operate more efficiently. CAQH technology-enabled solutions and its Committee on Operating Rules for Information Exchange (CORE) bring the healthcare industry together to make sharing business information more automated, predictable, and consistent. CAQH Insights researches opportunities to reduce the burden of manual processes in healthcare administration.
WHAT YOU GET
CAQH recognizes that its most important asset is its growing team of smart, creative, collaborative, forward-thinking and passionate professionals – and that a comprehensive employee benefits package is an important factor for them in choosing where to work. CAQH offers competitive compensation along with an extensive benefits package for all full-time employees, including medical, dental and vision coverage, tuition assistance and a 401k. We offer full-time remote work to all staff from any location and maintain a physical office in downtown Washington, DC.
At CAQH, we are proud of our active commitment to Diversity, Equity, and Inclusion (DEI). Our DEI committee works diligently to foster an inclusive workplace where all individuals are valued, respected, and empowered. We embrace diverse perspectives and are dedicated to providing equal opportunities for everyone to thrive. Join us in our mission to transform healthcare through innovative technology solutions while making a positive impact on the lives of diverse communities.
CAQH is an equal opportunity employer. It is our policy to recruit, hire, train, and promote individuals, as well as administer any and all personnel actions, without regard to race, color, religion, sex, national origin or ancestry, age, marital status, disability, protected veteran status, personal appearance, sexual orientation, gender identity or expression, familial status, family responsibilities, matriculation, political affiliation, genetic information, source of income, place of residence, or any other characteristic protected by law. CAQH will not tolerate any unlawful discrimination and any such conduct is strictly prohibited.
Applicants have rights under the Family Medical Leave Act (FMLA), Equal Employment Opportunity (EEO), and the Employee Polygraph Protection Act (EPPA). If you are interested in applying for employment with CAQH and need an accommodation to apply for a posted position, contact CAQH Human Resources at
#LI-Remote