As the Application Security Engineer at CoverMyMeds, you’ll be responsible for building and growing our application security program. You’ll focus on creating and improving tools and processes that contribute to highly-secure application development environments and technical operations. You’ll partner closely with developers across the company, supporting their needs and advocating for security best practices. You’ll work on a small team with endless opportunities to continue growing and mentor others.
What You’ll Do:
Build and grow our application security program, including:
Assessing and assigning risk
Static code reviews
Secure coding policies
Security checkpoints
Code review methodologies
Security education for our development teams
Anything else you think should be part of the program
Document everything important you do for our application security program
Partner closely with our development teams to understand their needs and incorporate secure code-development practices from the very beginning of our processes to disseminate security expertise and knowledge of our complex environment
Proactively seek out opportunities to continuously learn about security best practices
Support the assessment and implementation of application security tools and technologies
About You:
3+ years of web development experience
2+ years of application security experience
2+ years of experience using dynamic web application vulnerability scanning and static code analysis tools and services
Proven experience mitigating and addressing application threat vectors
Proven experience securing all major web server environments and cloud platforms based on OWASP top ten recommendations
A natural collaborator who seeks out new perspectives and builds trusting relationships with stakeholders and team members
Excellent interpersonal skills to influence stakeholders to do the right thing for our products
Devoted to learning, constantly working to stay up-to-date on security best practices
