Information Security Engineer, Consultant
Blue Shield of California•Oakland, CA
•Hybrid
About The Position
The Application Security team reports to the Director of Information Security and is responsible for driving continual risk reduction across application services. This role partners closely with development teams, providing security oversight at each stage of the Software Development Lifecycle while enabling the business to operate securely at scale.
Requirements
- Bachelor's degree or equivalent experience
- Requires 7 years prior relevant experience with at least 2 years working in Application Security
- Deep, demonstrated understanding of Application Security paradigms and common risks (i.e. OWASP Top Ten)
- Strong understanding of Agile delivery models and backlog management
- Ability to manage multiple complex workstreams and successfully interact with all levels of management
- Experience with regulatory certifications such as HIPAA, SOC2, PCI-DSS and FedRAMP
- Excellent verbal / written communication, collaboration, analytical and presentation skills
Nice To Haves
- Experience with AI/ML concepts and tools desired
- Preferred experience working within the Healthcare industry
- CISSP-ISSAP certification preferred
Responsibilities
- Evaluate new solution proposals and provide security requirements
- Perform STRIDE based threat modeling
- Complete secure source code reviews
- Create and review CICD layer security unit tests
- Administer our bug bounty program
- Coach security champions in our partnering teams
- Provide general security consulting
- Create and leverage AI solutions for streamlining your work
- Drive continual maturation of our Application Security program, consistent with proven industry best practices and maturity models.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Job Type
Full-time
Career Level
Senior
