RemoteLeaf Logo
Log in Sign up

Application Security Engineer

9 hours, 50 minutes ago
India, United States
Full-time
Lead
Application Security Engineer
Cybersecurity
Agile DevSecOps Encryption GCP HIPAA Penetration Testing
Apply Now
Inovalon

Inovalon

Inovalon provides cloud-based platforms that facilitate a data-driven transformation in the healthcare industry, enabling organizations to enhance clinical outcomes and financial performance through advanced analytics and large-scale data interconnecti...

IT Services
1K-5K
Founded 1998
View All Jobs 8

Description

  • Serve as a security engineering subject matter expert across multiple teams and services.
  • Establish, document, and evolve secure coding standards, patterns, and best practices for SaaS applications.
  • Lead and participate in secure design and code reviews to identify security flaws, architectural risks, and unsafe patterns early.
  • Collaborate with engineers to remediate vulnerabilities in a maintainable and scalable way.
  • Define, track, and manage security risks, mitigations, and accepted residual risks as engineering artifacts.
  • Translate threats and regulatory obligations into clear, actionable, and testable security requirements.
  • Ensure security requirements are incorporated into architecture decisions, product backlogs, acceptance criteria, and definitions of done.
  • Define and validate security controls for authentication and authorization, encryption and key management, secure session management, and protection of PHI and cardholder data.
  • Partner with Quality Engineering and DevSecOps to validate security controls through secure code analysis, threat-driven tests, and security regression testing.
  • Support penetration testing, security assessments, incident response, root-cause analysis, and security retrospectives.

Requirements

  • 6+ years of experience as a Software Engineer with a strong emphasis on application security.
  • Proven experience securing cloud-native SaaS applications.
  • Hands-on experience establishing or enforcing secure coding standards.
  • Strong understanding of authentication and authorization failures, secure session management, injection and input validation risks, and encryption, key management, and data protection.
  • Experience working in Agile development environments.
  • Experience supporting HIPAA-regulated systems and protecting PHI.
  • Experience working with or supporting PCI DSS-scoped applications and payment data flows.
  • Understanding of how compliance requirements translate into practical engineering controls.
  • One or more preferred certifications: CSSLP, cloud security certifications such as GCP or equivalent security specialization, or application-security-focused certifications such as GWAPT or GWEB.
  • Must be authorized to work in the United States; the role is not eligible for immigration sponsorship for US-based positions.

Benefits

  • The company promotes a mission-driven culture focused on inclusion and innovation.
  • Inovalon is an equal opportunity workplace committed to equitable employment regardless of protected characteristics.
  • Qualified applicants are encouraged to apply even if they do not meet every qualification listed.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Crypto.com

Application Support Engineer — Blockchain Security & AI Automation

Crypto.com 1K-5K Capital Markets

Crypto.com is hiring an Application Support Engineer in its Blockchain Security team to keep production blockchain applications stable while improving support operations through AI-driven automation.

United Kingdom Full-time Mid Level Application Security Engineer
Blockchain Encryption Go LLM Node.js Python REST API Rust Solana
8 hours, 40 minutes ago
GuidePoint Security

Senior Application Security Engineer - Mid-Atlantic region (Remote in VA, MD, PA, NC, DE, NJ, or DC)

GuidePoint Security 251-1K Internet Software & Services

GuidePoint Security is hiring a Security Engineering professional to implement and operationalize application security tooling and practices across software development and CI/CD environments for a broad range of customer-facing security engagements.

United States Full-time Senior Application Security Engineer
Azure Burp Suite CI/CD CircleCI GitHub Actions Jenkins
23 hours, 11 minutes ago
TrueML

Sr. Application Security Engineer

TrueML 51-250 Internet Software & Services

TrueML is hiring a Senior Application Security Engineer to secure applications across the software development lifecycle for its remote U.S. product and technology team.

United States Full-time Lead Application Security Engineer
$125k-$140k
AWS CI/CD Docker Go JWT Kubernetes OAuth OWASP Python SAML SIEM WAF
1 day ago
SpaceX

Product Security Engineer (Starlink)

SpaceX 10K-50K Aerospace & Defense

SpaceX is hiring a Product Security Engineer for Starlink to design and strengthen security across the company’s satellite internet systems, from software and infrastructure to factory and network processes.

United States Full-time Mid Level Application Security Engineer
$130k-$180k
C C++ Go Network Security Python TCP/IP
1 day, 5 hours ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers