Senior Application Security Engineer

2 Months ago • 12 Years + • Cyber Security

Job Summary

Job Description

As a Senior Application Security Engineer at Zelis, you will be a key player in securing the company's applications. Your responsibilities will include collaborating with development teams to integrate security requirements, conducting threat modeling, and automating security processes. You'll analyze application components, data flows, and external dependencies to identify vulnerabilities, implement security controls, and provide guidance on secure coding practices. You will also work with Application Security Testers to measure control effectiveness and ensure compliance with industry standards like HIPAA, PCI, and NIST.
Must have:
  • Bachelor’s degree in Cybersecurity or related field.
  • 12+ years of cybersecurity experience.
  • 4+ years of application security and threat modeling.
  • Proficiency in scripting languages (Python, PowerShell, Ruby).
  • Strong understanding of API and web application security.
Good to have:
  • Hands-on experience with secure code review.
  • Familiarity with source code management and build pipelines.
  • Knowledge of OWASP Top 10 and secure coding standards.
  • Relevant certifications like CISSP, CDP, E|CDE.
  • Experience with compliance and regulatory standards like HIPAA, PCI, CIS.

Job Details

At Zelis, we Get Stuff Done. So, let’s get to it! 

  

A Little About Us 

Zelis is modernizing the healthcare financial experience for all by providing a connected platform that bridges the gaps and aligns interests across payers, providers, and healthcare consumers. This platform serves more than 750 payers, including the top 5 national health plans, BCBS insurers, regional health plans, TPAs and self-insured employers, and millions of healthcare providers and consumers. Zelis sees across the system to identify, optimize, and solve problems holistically with technology built by healthcare experts—driving real, measurable results for clients. 

  

A Little About You 

You bring a unique blend of personality and professional expertise to your work, inspiring others with your passion and dedication. Your career is a testament to your diverse experiences, community involvement, and the valuable lessons you've learned along the way. You are more than just your resume; you are a reflection of your achievements, the knowledge you've gained, and the personal interests that shape who you are.

Position Overview

Reporting to the Head of Application Security, you will be a key contributor to securing our corporate applications by collaborating closely with application development teams. This role is accountable for application security through threat modeling, DevSecOps automation, and implementation of security controls.

The ideal candidate brings strong security expertise with scripting and automation skills but is not expected to have deep software engineering or programming experience. You will work cross-functionally to identify application assets, map data flows, evaluate threats, and ensure cybersecurity controls are embedded and continuously measured.

What You’ll Do

  • Lead threat modeling exercises to proactively identify security risks across applications and infrastructure layers.

  • Collaborate with agile and waterfall development teams to integrate security requirements and acceptance criteria throughout the SDLC.

  • Analyze application components, data flows, and external dependencies to anticipate and mitigate vulnerabilities.

  • Automate security build pipelines and scanning processes, focusing on Docker container security and security scanning automation using scripting languages such as Python, PowerShell, or Ruby.

  • Conduct security code reviews targeting common vulnerabilities (e.g., injection, XSS, insecure configurations), without requiring deep programming expertise.

  • Implement and maintain security controls including encryption, authentication, access controls, and input validation.

  • Provide guidance and training on secure coding practices and security tool usage to development teams.

  • Evaluate and deploy security tools and automation solutions to enhance application security posture and streamline operations.

  • Partner closely with Application Security Testers to measure control effectiveness and identify gaps.

  • Ensure alignment with regulatory frameworks and industry best practices including HIPAA, PCI, NIST, and others.

What You Bring

Required:

  • Bachelor’s degree in Cybersecurity, Computer Science, or related field (or equivalent experience).

  • 12+ years of cybersecurity experience with 4+ years specifically in application security and threat modeling.

  • 2+ years working in Agile environments, writing user stories including security acceptance criteria.

  • Proficiency in scripting languages (Python, PowerShell, Ruby) to automate security processes, with a focus on container and build pipeline automation.

  • Strong understanding of API, web application, and container security vulnerabilities.

  • Experience in Microsoft technology stack (.NET and related).

  • Excellent verbal and written communication skills and strong customer service orientation.

  • Comfortable working cross-functionally with development, security testing, and operations teams.

Preferred:

  • Hands-on experience with secure code review and application development.

  • Familiarity with source code management, build/deployment pipelines, and web application firewalls.

  • Knowledge of OWASP Top 10, MITRE CWE Top 25, and secure coding standards.

  • Relevant certifications such as CISSP, CDP, E|CDE.

  • Experience with compliance and regulatory standards such as HIPAA, PCI, CIS, HiTrust, ISO 27001, NIST.

Location and Workplace Flexibility

We have offices in Atlanta GA, Boston MA, Morristown NJ, Plano TX, St. Louis MO, St. Petersburg FL, and Hyderabad, India. We foster a hybrid and remote friendly culture, and all our employee's work locations are based on the needs of the position and determined by the Leadership team. In-office work and activities, if applicable, vary based on the work and team objectives in accordance with Company policies.

  

Equal Employment Opportunity  
Zelis is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. 
 
We welcome applicants from all backgrounds and encourage you to apply even if you don’t meet 100% of the qualifications for the role. We believe in the value of diverse perspectives and experiences and are committed to building an inclusive workplace for all. 

 

Accessibility Support 
We are dedicated to ensuring our application process is accessible to all candidates. If you are a qualified individual with a disability or a disabled veteran and require a reasonable accommodation with any part of the application and/or interview process, please email TalentAcquisition@zelis.com. 

  

Disclaimer 

We are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law. 

The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified. All personnel may be required to perform duties outside of their normal responsibilities, duties, and skills from time to time. 

Similar Jobs

CD PROJEKT RED - Senior Rendering Engineer

CD PROJEKT RED

Boston, Massachusetts, United States (Remote)
3 Months ago
Accurate - Pre-Screening Coordinator

Accurate

Thane, Maharashtra, India (On-Site)
1 Month ago
tic toe games - 2D Animator

tic toe games

Philippines (Remote)
3 Months ago
Axel springer - Events Manager

Axel springer

Arlington, Virginia, United States (Hybrid)
2 Weeks ago
Nintendo - Intern - IT Security

Nintendo

Redmond, Washington, United States (On-Site)
8 Months ago
Google - Software Engineer III, Infrastructure, Google Cloud Security and Privacy

Google

San Francisco, California, United States (On-Site)
9 Months ago
Anavation - Cyber Security SME

Anavation

Bethesda, Maryland, United States (On-Site)
1 Month ago
Jane Street - Physical Security Systems Engineer

Jane Street

New York, United States (On-Site)
2 Months ago
CME Group - Security Engineer II

CME Group

Bengaluru, Karnataka, India (On-Site)
1 Month ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

fuse games - Handling Designer

fuse games

Guildford, England, United Kingdom (Hybrid)
1 Month ago
NXP - Principal System Application Engineer

NXP

San Jose, California, United States (On-Site)
2 Months ago
Playtika - Service Operations Analyst

Playtika

Ukraine (On-Site)
4 Months ago
Ansys - Lead R&D Software Engineer - C++/Python

Ansys

Chalandri, Greece (On-Site)
2 Months ago
Capgemini - RTCDP

Capgemini

Pune, Maharashtra, India (On-Site)
2 Months ago
lifechruh - Senior Program Manager

lifechruh

Edmond, Oklahoma, United States (On-Site)
10 Months ago
Side - Senior Sound Designer

Side

Montreal, Quebec, Canada (On-Site)
2 Weeks ago
Sunblink - Senior QA Analyst

Sunblink

Boulder, Colorado, United States (Remote)
1 Month ago
Nintendo - Product Tester I

Nintendo

Redmond, Washington, United States (On-Site)
11 Months ago
Boomi  - Developer

Boomi

India (On-Site)
2 Weeks ago

Get notifed when new similar jobs are uploaded

Jobs in Plano, Texas, United States

Magic School - Senior Security Engineer (Application & Cloud Security)

Magic School

United States (Remote)
1 Month ago
WebFX - Jr. Internet Marketing Specialist

WebFX

Harrisburg, Pennsylvania, United States (On-Site)
9 Months ago
Match Group - Senior Product Manager

Match Group

Dallas, Texas, United States (Hybrid)
3 Weeks ago
Jane Street - Tools and Compilers Research and Development Intern

Jane Street

New York, United States (On-Site)
1 Month ago
Next Level Business Services - IIB, DP, ODM Admin

Next Level Business Services

Burbank, California, United States (On-Site)
9 Months ago
Scout - Lead, Electrical System Validation

Scout

Novi, Michigan, United States (On-Site)
1 Month ago
Palo Alto Networks - Revenue Manager - NPI

Palo Alto Networks

Santa Clara, California, United States (On-Site)
3 Weeks ago
bytedance - Video Coding/Transcoding Algorithm Engineer

bytedance

San Jose, California, United States (On-Site)
9 Months ago
C3 IoT - Senior Director, Strategic Solutions – Federal Defense and Law Enforcement

C3 IoT

Huntsville, Alabama, United States (On-Site)
4 Weeks ago
Apple - Silicon Validation Software Engineer

Apple

Austin, Texas, United States (On-Site)
2 Months ago

Get notifed when new similar jobs are uploaded

Cyber Security Jobs

bytedance - Senior Software Engineer, Anti-DDoS - Network Security

bytedance

San Jose, California, United States (On-Site)
3 Months ago
PayPal - Staff Cybersecurity Engineer

PayPal

Scottsdale, Arizona, United States (Hybrid)
3 Weeks ago
Apple - Security Server Application Engineer

Apple

Sunnyvale, California, United States (On-Site)
2 Months ago
Fortra - Senior Security Engineer

Fortra

Canada (On-Site)
3 Weeks ago
Vercel - Software Engineer, CDN Security

Vercel

San Francisco, California, United States (Hybrid)
2 Months ago
Roof Stacks - Senior Cyber Security Engineer

Roof Stacks

Istanbul, İstanbul, Türkiye (Remote)
7 Months ago
Anavation - Senior Information Security Specialist

Anavation

Clarksburg, West Virginia, United States (Hybrid)
1 Week ago
Tide - Staff Backend Engineer - DevEx, Security and Technology Foundations

Tide

Vilnius, Vilnius County, Lithuania (Hybrid)
3 Months ago
Rippling - Senior Security Engineer - Corporate Security

Rippling

San Francisco, California, United States (Remote)
3 Months ago

Get notifed when new similar jobs are uploaded

About The Company

Zelis is modernizing the healthcare financial experience by providing a connected platform that bridges the gaps and aligns interests across payers, providers, and healthcare consumers. This platform serves more than 750 payers, including the top 5 national health plans, BCBS insurers, regional health plans, TPAs and self-insured employers, and millions of healthcare providers and consumers. Zelis sees across the system to identify, optimize, and solve problems holistically with technology built by healthcare experts – driving real, measurable results for clients.

St. Petersburg, Florida, United States (On-Site)

St. Petersburg, Florida, United States (Remote)

New Jersey, United States (Remote)

Phoenix, Arizona, United States (On-Site)

St. Petersburg, Florida, United States (Remote)

St. Petersburg, Florida, United States (Remote)

St. Louis, Missouri, United States (Remote)

View All Jobs

Get notified when new jobs are added by Zelis

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug