This position is open to remote in the United States. A qualified applicant must be local to this area.
*Please note, this role is not able to offer visa transfer or sponsorship now or in the future*
Practice - CIS - Cloud, Infrastructure, and Security Services
About Cloud Infrastructure & Security Services: Cognizant’s Cloud, Infrastructure, and Security Services Practice (CIS) is all about embracing digital transformation by driving core modernization holistically across layers. We help customers transform infrastructure and workplace to meet the rapidly evolving needs of the digital era. Our holistic approach delivers key results for our customers by achieving cloud-driven modernization and workplace and operational transformation to run the business in a secure environment.
Job Summary
We are seeking a highly skilled Application Security Engineer with 8 to 10 years of experience to join our team. The ideal candidate will have expertise in Security Practices including OWASP Top 10, OWASP-ZAP, and HCL Appscan with experience in the Healthcare - Payer domain.
Responsibilities & Core Job Duties:
Security Evaluation: Evaluate security architectures and designs to determine the adequacy of security design and architecture.
Security Control Documentation: Determine the protection needs (i.e., security controls) for the information system(s) and network(s) and document appropriately.
Define Security Patterns: Create security patterns, providing frameworks or templates for addressing recurring cybersecurity issues.
Collaboration with Developers and Operations: Work closely with both developers and operations teams to ensure the deployment of secure solutions.
Stay Updated with Security Trends: Remain current with new security vulnerabilities, threats, and industry developments to ensure that security solutions and protocols are up-to-date.
Training and Development: Train other team members and developers on current security practices and potential threats.
Infrastructure Security Design: Collaborate with the infrastructure architect to design a secure environment.
Okta Integration: Assess and ensure the secure integration and configuration of Okta for identity and access management within the organization's applications.
Illumio Segmentation: Analyze and define security boundaries using Illumio for network segmentation to protect sensitive data and reduce attack surfaces.
Code Review: Conduct thorough reviews of application code to identify and remediate security vulnerabilities, ensuring the codebase adheres to best security practices.
Incorporate Security Patterns: Ensure that established security patterns and protocols are effectively incorporated into the application development process to maintain robust security standards.
Secure Coding Practices: Implement best practices for secure coding and advise development teams on mitigating security issues in their code.
Lead the design and implementation of security architectures to protect critical systems and data.
Oversee the development and enforcement of security policies and procedures.
Provide guidance on security best practices to development teams.
Conduct regular security assessments and vulnerability testing using OWASP-ZAP and HCL Appscan.
Ensure compliance with OWASP Top 10 security standards.
Collaborate with cross-functional teams to integrate security measures into the software development lifecycle.
Monitor and respond to security incidents and breaches.
Develop and deliver security training and awareness programs.
Evaluate and recommend security tools and technologies.
Perform risk assessments and develop mitigation strategies.
Support the implementation of security controls in the Healthcare-Payer domain.
Stay updated with the latest security trends and threats.
Contribute to the continuous improvement of the company's security posture.
Qualifications
Must have extensive experience with OWASP Top 10 security practices.
Should be proficient in using OWASP-ZAP for security testing (SAST, DAST, OSS, etc.).
Must have hands-on experience with HCL Appscan (Nice to Have: Checkmarx, Gitlab, Fortify, Veracode, Coverity, etc.).
Experience in Secure Coding (Java, C++, Python, .Net, etc.).
Should have domain expertise in Payer.
Must possess strong analytical and problem-solving skills.
Should have excellent communication and collaboration abilities.
Must be able to work effectively in a hybrid-matrix work model.
Should have a proactive approach to identifying and mitigating security risks.
Must be detail-oriented and able to manage multiple tasks simultaneously.
Should have a strong understanding of security frameworks and standards.
Must be able to develop and implement security policies and procedures.
Should have experience in conducting security training and awareness programs.
Must be committed to continuous learning and professional development.
Salary and Other Compensation:
Applications will be accepted until 2/3/2025.
The annual salary for this position is between $84,600 - $134,000 depending on experience and other qualifications of the successful candidate.
This position is also eligible for Cognizant’s discretionary annual incentive program and stock awards, based on performance and is subject to the terms of Cognizant’s applicable plans.
Benefits: Cognizant offers the following benefits for this position, subject to applicable eligibility requirements:
Medical/Dental/Vision/Life Insurance
Paid holidays plus Paid Time Off
401(k) plan and contributions
Long-term/Short-term Disability
Paid Parental Leave
Employee Stock Purchase Plan
The Cognizant community:
We are a high caliber team who appreciate and support one another. Our people uphold an energetic, collaborative and inclusive workplace where everyone can thrive.
About us:
Cognizant is one of the world's leading professional services companies, transforming clients' business, operating, and technology models for the digital era. Our unique industry-based, consultative approach helps clients envision, build, and run more innovative and efficient businesses. Headquartered in the U.S., Cognizant (a member of the NASDAQ-100 and one of Forbes World’s Best Employers 2024) is consistently listed among the most admired companies in the world. Learn how Cognizant helps clients lead with digital at www.cognizant.com
Our commitment to diversity and inclusion:
Cognizant is an equal opportunity employer that embraces diversity, champions equity and values inclusion. We are dedicated to nurturing a community where everyone feels heard, accepted and welcome. Your application and candidacy will not be considered based on race, color, sex, religion, creed, sexual orientation, gender identity, national origin, disability, genetic information, pregnancy, veteran status or any other protected characteristic as outlined by federal, state or local laws.
Disclaimer:
Compensation information is accurate as of the date of this posting. Cognizant reserves the right to modify this information at any time, subject to applicable law.
Applicants may be required to attend interviews in person or by video conference. In addition, candidates may be required to present their current state or government issued ID during each interview.