AppSec, DevSecOps Engineer

Job not on LinkedIn

🕒 April 15

🇺🇸 United States – Remote

💵 $120k - $135k / year

⏰ Full Time

🟡 Mid-level

🟠 Senior

⛑ DevOps & Site Reliability Engineer (SRE)

🦅 H1B Visa Sponsor

This company has sponsored H1B visas in the past.

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Public Partnerships | PPL

WebsiteLinkedInAll Job Openings

1001 - 5000 employees

⚕️ Healthcare Insurance

🤝 B2B

Healthcare Insurance • B2B

Public Partnerships | PPL is a provider of financial management and administrative services that enable self-directed Medicaid long-term care. The company helps eligible Medicaid participants hire and manage caregivers (including family or friends), handles payroll, payments, tax and compliance paperwork, and offers online tools and support to participants, caregivers, and program administrators. PPL partners with state Medicaid agencies and managed care organizations to administer self-directed care programs across multiple states, aiming to simplify program administration and keep people in their homes.

📋 Description

• Integrate security at every phase of the software development lifecycle. • Collaborate with engineering and product teams in Agile/Scrum environments to prioritize, track, and remediate security issues during sprint cycles. • Develop and maintain threat models and perform design reviews. • Lead threat modeling sessions and conduct in-depth security architecture reviews. • Educate development teams on secure coding practices. • Actively support the organization’s secure software development lifecycle (SDLC) initiatives by integrating security controls, processes, and testing into development workflows and CI/CD pipelines. • Integrate security testing tools (SAST, DAST, SCA, IaC scanning) into CI/CD pipelines. • Perform and manage vulnerability assessments, code reviews, and penetration testing. • Secure containerized environments (Docker, Kubernetes). • Ensure cloud infrastructure security (AWS/GCP/Azure) using infrastructure-as-code (IaC) tools like Terraform or CloudFormation. • Support documentation and evidence collection for SOC 2 Type II audits and HIPAA security risk assessments.

🎯 Requirements

• Bachelor’s degree in Computer Science, Cybersecurity, or related field (or equivalent experience) • 5+ years of experience in AppSec, DevSecOps, or related roles • 7+ years experience in related field (preferred) • Certifications: OSCP, CISSP, CSSLP, CEH, or similar. • Experience with cloud-native security in Azure, AWS, and GCP. • Hands-on experience with NIST, HIPAA, and SOC 2 application security compliance, including security assessments and control implementation. • Experience leading penetration testing engagements and managing remediation in collaboration with development teams. • Experience with bug bounty programs or working with security researchers. • Experience implementing or supporting a security champions program is a plus.

🏖️ Benefits

• 401k Retirement Plan • Medical, Dental and Vision insurance on first day of employment • Generous Paid Time Off • Employee Assistance Program and more