FreeHire

Blue Shield of California

Information Security Engineer, Principal

Show

Your Role

The Application Security team reports to the Director of Information Security and is responsible for driving continual risk reduction across application services. This role partners closely with development teams, providing security oversight at each stage of the Software Development Lifecycle while enabling the business to operate securely at scale.

Your Work

In this role, you will:

  • Evaluate new solution proposals and provide security requirements

  • Perform STRIDE based threat modeling

  • Complete secure source code reviews

  • Create and review CICD layer security unit tests

  • Administer our bug bounty program

  • Coach security champions in our partnering teams

  • Provide general security consulting

  • Create and leverage AI solutions for streamlining your work

  • Drive continual maturation of our Application Security program, consistent with proven industry best practices and maturity models.

Your Knowledge and Experience

  • Bachelor's degree or equivalent experience
  • At least 10 years prior relevant experience with at least 2 years working in Application Security
  • Deep, demonstrated understanding of Application Security paradigms and common risks (i.e. OWASP Top Ten)
  • Strong understanding of Agile delivery models and backlog management
  • Ability to manage multiple complex workstreams and successfully interact with all levels of management
  • Experience with regulatory certifications such as HIPAA, SOC2, PCI-DSS and FedRAMP
  • Excellent verbal / written communication, collaboration, analytical and presentation skills
  • Experience with AI/ML concepts and tools desired
  • Preferred experience working within the Healthcare industry

Hybrid

This role requires employees to be in - office based on our hybrid workplace model, balancing purposeful in - person collaboration with flexibility. For most teams, this means coming into the office two days each week.

Employees living more than 50 miles from an office location will work with their manager to determine in-office time based on business need.

#LI-CP4

Similar jobs

Blue Shield of California North America
2 weeks ago

Information Security Engineer, Consultant

Blue Shield of California North AmericaSenior
3 weeks ago

Information Security Risk and Governance Specialist, Senior

Blue Shield of California North America
2 weeks ago

Director, Strategic Planning and Performance

bluebridge Europe
5 months ago

IT saugumo inžinierė - konsultantė (-as)

brevanhoward APACC-level
4 months ago

Head of Security Engineering

tdecu
5 months ago

Director - Information Security