Inovalon

Inovalon

Inovalon provides cloud-based platforms that facilitate a data-driven transformation in the healthcare industry, enabling organizations to enhance clinical outcomes and financial performance through advanced analytics and large-scale data interconnecti...

IT Services
1K-5K
Founded 1998

Description

  • Serve as a security engineering subject matter expert across multiple teams and services.
  • Establish, document, and evolve secure coding standards, patterns, and best practices for SaaS applications.
  • Lead and participate in secure design and code reviews to identify security flaws, architectural risks, and unsafe patterns early.
  • Collaborate with engineers to remediate vulnerabilities in a maintainable and scalable way.
  • Define, track, and manage security risks, mitigations, and accepted residual risks as engineering artifacts.
  • Translate threats and regulatory obligations into clear, actionable, and testable security requirements.
  • Ensure security requirements are incorporated into architecture decisions, product backlogs, acceptance criteria, and definitions of done.
  • Define and validate security controls for authentication and authorization, encryption and key management, secure session management, and protection of PHI and cardholder data.
  • Partner with Quality Engineering and DevSecOps to validate security controls through secure code analysis, threat-driven tests, and security regression testing.
  • Support penetration testing, security assessments, incident response, root-cause analysis, and security retrospectives.

Requirements

  • 6+ years of experience as a Software Engineer with a strong emphasis on application security.
  • Proven experience securing cloud-native SaaS applications.
  • Hands-on experience establishing or enforcing secure coding standards.
  • Strong understanding of authentication and authorization failures, secure session management, injection and input validation risks, and encryption, key management, and data protection.
  • Experience working in Agile development environments.
  • Experience supporting HIPAA-regulated systems and protecting PHI.
  • Experience working with or supporting PCI DSS-scoped applications and payment data flows.
  • Understanding of how compliance requirements translate into practical engineering controls.
  • One or more preferred certifications: CSSLP, cloud security certifications such as GCP or equivalent security specialization, or application-security-focused certifications such as GWAPT or GWEB.
  • Must be authorized to work in the United States; the role is not eligible for immigration sponsorship for US-based positions.

Benefits

  • The company promotes a mission-driven culture focused on inclusion and innovation.
  • Inovalon is an equal opportunity workplace committed to equitable employment regardless of protected characteristics.
  • Qualified applicants are encouraged to apply even if they do not meet every qualification listed.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Principal Security Architect (Product Security)

Anaplan 1K-5K Internet Software & Services

Anaplan is hiring a Senior Security Architecture IC to define and drive secure-by-design architecture across its enterprise planning platform and AI products.

Encryption Machine Learning OWASP
11 hours, 42 minutes ago

Principal Security Architect (Product Security)

Anaplan 1K-5K Internet Software & Services

Anaplan is hiring a Senior Security Architect to define and drive secure architecture across its enterprise planning platform, including legacy and AI-enabled products.

Encryption LLM Machine Learning OWASP
11 hours, 42 minutes ago

Senior Application Security Architect

Binance 5K-10K Capital Markets

Binance is seeking an Application Security professional to help secure its global blockchain and cryptocurrency products by designing protections, reviewing risks, and guiding secure development practices.

Java OWASP Penetration Testing
3 days, 11 hours ago

Senior Application Security Engineer

ClearCapital.com, 1-10 Real Estate

Clear Capital is hiring a Senior Application Security Engineer to secure application services and related dependencies across the software lifecycle, with a strong focus on risk mitigation, secure development, and AI and third-party software security.

AWS C++ Java JavaScript Penetration Testing PHP PowerShell Python Ruby
1 week ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers