Meridian, ID, United States
The Lead Application Cloud Security Engineer will lead, consult and recommend solutions on matters relating to Cloud Application Security within IT Solutions Engineering. This role will be responsible for the definition and design of the cloud security solutions and cloud-based architecture (Iaas/PaaS/SaaS). This is a role focused on automation, process and necessary tools to support Secure SDLC for Humanaâ€™s fast-paced application development environment and technology operations. The role requires a grasp of application security principles and practices and a background working in an application development and coding environment within a large enterprise.
Build a very close working relationship with DevOps, cloud engineering, application development and QA teams.
Determine security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments
Maintain documentation related to Application Security including the development of secure coding policies, procedures and standards, modification of the Software Development Life Cycle (SDLC) to include necessary security checkpoints, code review methodologies, etc.
Participate in designing IT and Cloud security strategy, system security controls and secure configuration.
Creating security policies and standards around Cloud Security, Container Security, Configuration Management, Infrastructure as Code.
Researching new security technologies and their application to the corporate and cloud environment
Ensuring all acquired or developed systems are consistent with the solution engineering and security architecture guidelines
Assess new and existing cloud implementations, identifying security issues, misconfigurations and prioritizing fixes/remediation
Defining and documenting how the implementation of a new system or interface impacts the security posture of the current environment
Help define and implement cloud security process, automation and tools to feed DevSecOps processes
Performing security reviews, identifying gaps in security architecture and design
Bachelorâ€™s Degree in Information Technology, Computer Science or a related fieldSix years of experience designing, developing, and testing of software applications and/or infrastructure
Strong experience with cloud security strategy, cloud provider ecosystems (Amazon AWS, Microsoft Azure, Google Cloud Platform)Experience in developing secure code and application security standardsExperience conducting application security testing and source-code reviewsExperience with risk-based testing and/or manual assessment
Applied knowledge of healthcare industryMasterâ€™s Degree in Computer Science, Information Technology or a related field
Advanced knowledge of security capabilities and constraints related to deploying cloud native and multi-cloud applications and infrastructureExperience performing web vulnerability assessments, application penetration testing and using penetration testing methodologiesExperience creating source code per OWASP or other secure coding guidelinesExperience in designing or implementing a security release management strategy for enterprise cloud applicationsExperience with cryptographic techniques such as cryptographic algorithms, key management and rotation processes, and secure key storageExperience with developing enterprise-wide secure code testing strategyCertifications: AWS Certified Security; CCSP (Certified Cloud Security Professional); CISSP (Certified Information System Security Professional); CEH (Certified Ethical Hacker); GSEC; ISTQB (foundation, agile, test manager, test analyst, tech test analyst, etc.)Experience with SAST and DAST technologies including IBM AppScan, CheckMarx, Secure Assist, NowSecure, Burp Suite
Scheduled Weekly Hours
Mission: At Humana, our cultural foundation is aligned to helping members achieve their best health by delivering personalized, simplified, whole-person healthcare experiences. Recognizing healthcare needs continue to evolve for each person, for each family and for each community, Humana continuously creates innovative solutions and resources that help people live their healthiest lives on their terms â€“when and where they need it. Our employees are at the heart of making this happen and thatâ€™s why we are dedicated to building an organization of dynamic talent whose experience and passion center on putting the customer first.
Equal Opportunity Employer
It is our policy to recruit, hire, train, and promote people without regard to race, color, religion, sex, national origin, age, sexual orientation, gender identity or expression, disability, or veteran status, except where age, sex, or physical status is a bona fide occupational qualification. View the EEO is the Law poster.
If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process, or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you may contact firstname.lastname@example.org for assistance.
Humana Safety and Security
Humana will never ask, nor require a candidate provide money for work equipment and network access during the application process. If you become aware of any instances where you as a candidate are asked to provide information and do not believe it is a legitimate request from Humana or affiliate, please contact email@example.com to validate the request.
Website : http://www.humana.com
Humana's diverse lines of business work to serve all types of consumers. From families to seniors to military members to self-employed individuals, there is a plan to meet many unique needs. Find out how Humana's associates and corporate leaders are committed to customer service. Our team uses innovation to deliver results to our consumers.