CVS Digital is looking for a talented software security manager with a deep technical background and experience leading technical teams and vulnerability management programs. Experience leading a team is critical, with a passion for optimizing security posture within consumer applications, cloud environments, and the SDLC.
We are looking for the right candidates to have:
Servant leadership qualities
Lead and manage a team of technically apt software security analysts
Experience with scaling small teams in order to meet organizational objectives, such as a shared service
An ability to clearly and effectively provide, and communicate; opportunities and/or strategies for improvement to the software security analysts and greater organization
Experience with CI/CD build tools (Bamboo, Jenkins, CircleCI, etc)
Software security experience with backend services, APIs, or front-end applications (native mobile and web)
An understanding of application deployment patterns and best practices
Display an understanding and use of cloud security and software security standards and best practices such as CIS, OWASP, CSA, NIST in order to ensure compliance for all
Have cloud security knowledge (AWS, GCP, Azure) with a focus on IAM, vulnerability management, threat modeling, data security and networking
Display an understanding of application deployment patterns and best practices in order to ensure a functional and modular DevSecOps pipeline
Develop, publish and maintain internal guidelines for security policies and control standards
Roles and Responsibilities:
Coach and provide career path guidance to Software Security Analysts
Enforce and facilitate security requirements for
Coach and provide software security training to development teams
Peer-review reports generated by SAST/DAST tools
o Triage defects to the appropriate scrum team
o Assist Product Owners with monitoring and tracking of defects according to company policy
Attend and participate in Scrum ceremonies as needed
Develop solutions to strengthen the security in and around applications.
Analyze industry specific requirements/technologies and provide insight.
Work with appropriate parties such as Engineering and Architecture leads to raise issues and work toward resolution.
Maintain effective relationships with various audience levels.
Escalate issues requiring resolution on a timely basis
7+ years of experience which includes:
o People management, leading a technical team
o Software Development, DevOps or Infrastructure Engineering experience
o Cloud security experience
o Application or network security experience
3+ years of software vulnerability management experience
3+ years of public cloud experience (ideally AWS tools and services, OR Azure, Google Cloud, OR OpenStack)
COVID-19 Vaccination Requirement
CVS Health requires its Colleagues in certain positions to be fully vaccinated against COVID-19 (including any booster shots if required), where allowable under the law, unless they are approved for a reasonable accommodation based on disability, medical condition, pregnancy, or religious belief that prevents them from being vaccinated.
- If you are vaccinated, you are required to have received at least one COVID-19 shot prior to your first day of employment and to provide proof of your vaccination status within the first 10 days of your employment. For the two COVID-19 shot regimen, you will be required to provide proof of your second COVID-19 shot within the first 45 days of your employment. Failure to provide timely proof of your COVID-19 vaccination status will result in the termination of your employment with CVS Health.
- If you are unable to be fully vaccinated due to disability, medical condition, pregnancy, or religious belief, you will be required to apply for a reasonable accommodation within the first 10 days of your employment in order to remain employed with CVS Health. As a part of this process, you will be required to provide information or documentation about the reason you cannot be vaccinated. If your request for an accommodation is not approved, then your employment may be terminated.
Microservices architecture (Docker)
Experience working in an Agile SCRUM (or SAFe) SDLC
Bachelor's degree or equivalent experience.
At CVS Health, we are joined in a common purpose: helping people on their path to better health. We are working to transform health care through innovations that make quality care more accessible, easier to use, less expensive and patient-focused. Working together and organizing around the individual, we are pioneering a new approach to total health that puts people at the heart.
We strive to promote and sustain a culture of diversity, inclusion and belonging every day. CVS Health is an equal opportunity and affirmative action employer. We do not discriminate in recruiting, hiring or promotion based on race, ethnicity, sex/gender, sexual orientation, gender identity or expression, age, disability or protected veteran status or on any other basis or characteristic prohibited by applicable federal, state, or local law. We proudly support and encourage people with military experience (active, veterans, reservists and National Guard) as well as military spouses to apply for CVS Health job opportunities.