Staff Application Security Engineer

We're building a world of health around every individual - shaping a more connected, convenient and compassionate health experience. At CVS Health®, you'll be surrounded by passionate colleagues who care deeply, innovate with purpose, hold ourselves accountable and prioritize safety and quality in everything we do. Join us and be part of something bigger - helping to simplify health care one person, one family and one community at a time.

Development & Enforcement

• Develop and enforce engineering security policies and standards, specifically with the Illumio Platform:
  • Illumio PCE (Policy Compute Engine) management
  • Illumio VEN (Virtual Enforcement Node) deployment
  • Label-based policy creation and Illumination (visualization) usage
  • Expertise in creating and managing security policies, segmentation templates and policy objects
  • Build and understanding of service definitions and rulesets
  • Leadership of policy creation, testing and validation
  • Experience with application dependencies and communication patterns
  • Understanding of workload communication patterns and ability to conduct traffic flow analysis
  • Strong troubleshooting abilities and experience with monitoring network performance, as segmentation directly impacts traffic flow and application connectivity.
• Develop and enforce data security policies and standards.
• Drive security awareness across the organization.
• Lead the development and enforcement of comprehensive security policies and standards, integrating advanced security practices throughout the software development lifecycle to mitigate risks and align with industry-leading security protocols.

• Collaborate with Engineering and Business teams to develop secure engineering practices.
• Act as a pivotal security leader, driving the integration of secure engineering practices across the organization while liaising with senior management to ensure a cohesive security strategy that aligns with business objectives.

• Analyze, develop, and configure security solutions across multi-cloud, on-premises, and colocation environments, ensuring application security, integrity, confidentiality, and availability of data.
• Lead security testing, vulnerability analysis, and documentation.
• Spearhead the evaluation and strategic deployment of cutting-edge security solutions, emphasizing scalability, performance, and adaptability, to fortify the organization's defense against evolving threats.,

• Participate in operational on-call duties to support a 24/7 infrastructure across multiple regions and environments (cloud, on-premises, colocation).
• Lead by example in incident response situations, orchestrating rapid and effective responses while leveraging these experiences to bolster future resilience and response strategies.

• Demonstrated leadership skills with developing a comprehensive mentorship program for junior engineers, including organizing regular training sessions to elevate the team's technical and security skills. This role requires a commitment to fostering a culture of continuous improvement and knowledge sharing.

• Proven track record with participation in security research and the exploration of next-generation security tools and practices. This includes encouraging the team to engage with the wider security community, contributing to open-source projects, and staying well-informed of emerging threats and innovative defense mechanisms.

• Play a key role in the strategic planning of the organization's security roadmap, including conducting thorough risk assessments, allocating budgets for security initiatives, and aligning long-term security strategies with overarching business goals. This responsibility includes advocating for security within the company and ensuring that security considerations are paramount in all technology decisions.

• 7+ years of experience in developing and deploying security technologies.
• 5+ years of experience with implementing and managing data protection measures and compliance with data protection regulations (e.g., GDPR, CCPA).
• 5+ years of experience in Public Cloud (AWS/Azure/GCP) and Network Security.
• 3+ years of experience with Docker, Kubernetes, Security-as-Code, and Infrastructure-as-Code.
• 3+ years of experience with one or more general-purpose programming/script languages including but not limited to:
  Java, C/C++, C#, Python, JavaScript, Shell Script, Power Shell.

• Proven track record in leading security initiatives from inception through to successful deployment, demonstrating exceptional project management skills and the ability to navigate complex stakeholder landscapes.
• Strong technical expertise with Architecting Public Cloud solutions and processes.
• Strong technical expertise with Networking and Software-Defined Networking (SDN) principles.
• Strong technical expertise with developing and interpreting Network, Sequence, and…