Security Engineer II

Overland Park, Kansas, United States

Full Time Senior-level / Expert USD 107K - 149K *
WellSky logo

WellSky

WellSky® offers health care software solutions for every kind of care including home health, hospice, blood management, and more. Request a free demo today!

View all employer listings

Apply now Apply later

The Application Security Engineer is primarily responsible for embedding security into the day to day activities of our software engineering teams. The Application Security Engineer conducts web application security assessments, automated security testing and code review as part of the software development lifecycle.  Work with Product Management, Engineering, and Quality Assurance to perform application penetration tests, automated vulnerability assessment scans, risk assessments, and code reviews.  Tasked with identifying and reporting on vulnerabilities in applications developed by WellSky and their supporting infrastructure, and researching threats and attack vectors that impact web, enterprise and mobile applications.  With a focus on turning vulnerabilities into actionable opportunities to improve the security posture of our products and systems, the Application Security Engineer will also assist the Product Engineering and IT teams in the remediation efforts.

Key Activities:

  • Conduct audits of existing application code for common vulnerabilities including OWASP Top 10 and recommend industry best practices
  • Participate in security design reviews, code auditing, security assessments on both internal and external software
  • Help to develop, collect and report on metrics to measure the success of the application security program, including quantitative metrics, reporting, and analysis. Automate monthly reporting for application scanning results
  • Provide guidance to Product Engineering on security testing (submitting scans, analyzing scan results, remediation advice on secure coding techniques, etc.) including hands-on operational tasks as needed
  • Support application security initiatives to ensure the software applications do not pose information risk to the company.
  • Ensure 3rd party software and development meet our security standards
  • Assist with the incident response procedures, including identifying, investigating, and help resolve security incidents
  • Integrate Static and Dynamic Application Security Testing and reporting into the SDLC and CI/CD pipelines to ensure that new applications or applications undergoing a major change are assessed for vulnerabilities prior to production implementation.

 

Required Qualifications:

  • Bachelor’s Degree in computer science or information security/systems or equivalent experience in lieu of a degree required 
  • CSSLP, GWAPT, CEH, or other applicable certifications

 

Preferred Qualifications:

  • Hands-on experience in a health care/HIPAA environment, or equivalent demonstration of similar regulator controls and processes a plus
  • Experience with Agile, Scrum and/or KanBan a plus
  • Ability to explain vulnerabilities and weaknesses, and discuss effective defensive techniques to non-experts
  • Interest in all aspects of security research and development
  • JavaScript, C++, C#, Python
  • Self-motivated individual who can combine exceptional problem-resolution and critical thinking skills with an ability to apply a business lens to recommendations
  • Collaborative and team-oriented approach to solving business problem

 

 

About WellSky

WellSky is a technology company leading the movement for intelligent, coordinated care worldwide. Our next-generation software, analytics, and services power better outcomes and lower costs for stakeholders across the health and community care continuum. In today’s value-based care environment, WellSky helps providers, payers, health systems, and community organizations solve tough challenges, improve collaboration for growth, harness the power of data analytics, and achieve better outcomes by further connecting clinical and social care. WellSky serves more than 20,000 client sites around the world — including the largest hospital systems, blood banks, cell therapy labs, blood centers, home health and hospice franchises, post-acute providers, government agencies, and human services organizations. Informed by more than 40 years of providing software and expertise, WellSky anticipates clients’ needs and innovates relentlessly to ultimately help more people thrive.

We're looking for talented individuals who want to use their skills to build a strong, technology-driven company. We offer competitive salaries, great benefits, including generous paid time off programming, and a casual and fun environment that encourages quality, creativity, and excellence. Enjoy all we have to offer. We invite you to join us. Apply today!

WellSky provides equal employment opportunities to all people without regard to race, color, national origin, ancestry, citizenship, age, religion, gender, sex, sexual orientation, gender identity, gender expression, marital status, pregnancy, physical or mental disability, protected medical condition, genetic information, military service, veteran status, or any other status or characteristic protected by law. WellSky is proud to be a drug-free workplace.

Applicants for U.S.-based positions with WellSky must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of hire. All U.S.-based employees must be fully vaccinated against COVID-19 unless a medical or religious exemption is approved. 

* Salary range is an estimate based on our salary survey at salaries.infosec-jobs.com
Job perks/benefits: Health care
Job region: North America
Job country: United States
Job stats:  2  0  0
  • Share this job via
  • or

Other jobs like this

Explore more Cyber Security career opportunities

Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cybersecurity in general, filtered by job title or popular skill, toolset and products used.