Director of Application and DevSecOps Security

🕒 vor 19 Tagen

🤠 Texas – Remote

🤠 Texas – Remote

💵 $150.200 - $214.500 / Jahr

⏰ Vollzeit

🔴 Experte

⛑ DevOps- und Site Reliability Engineer (SRE)

🦅 H1B-Visum-Sponsor

Dieses Unternehmen hat in der Vergangenheit H1B-Visa gesponsert.

Jetzt Bewerben

Ähnliche Remote-Jobs finden

E-Mails für Remote-Jobs erhalten

📊 Überprüfen Sie Ihre Lebenslauf-Bewertung für diese Stelle

Verbessern Sie Ihre Chancen auf ein Vorstellungsgespräch, indem Sie Ihre Lebenslauf-Bewertung vor der Bewerbung überprüfen.

Lebenslauf hochladen

Gainwell Technologies

WebsiteLinkedInAlle Stellen

10.000+ Mitarbeiter

⚕️ Krankenversicherung

💰 Grant im 2023-06

Healthcare Insurance • Human Services • Healthcare

Gainwell Technologies ist der führende Anbieter von digitalen und cloud-fähigen Lösungen im Bereich der Human Services und der öffentlichen Gesundheit in den USA. Mit einem zielorientierten Ansatz bedient Gainwell Kunden in allen 50 US-Bundesstaaten und konzentriert sich darauf, Gesundheitsergebnisse zu verbessern und intuitive, menschzentrierte Erfahrungen zu bieten. Ihr umfassendes Lösungsspektrum umfasst die Modernisierung von Medicaid Enterprise, Datenanalysen, Anbieter-Dienstleistungen und Apothekenlösungen, die alle darauf ausgelegt sind, die Zukunft des Gesundheitswesens voranzutreiben und das Wohl der Gemeinschaft zu verbessern.

Beschreibung

• Define and lead the enterprise Application Security and DevSecOps strategy aligned to business objectives • Build and mature a shift-left security program integrated into CI/CD pipelines • Establish and implement roadmap for API security, including governance, discovery, and runtime protection • Balance governance with enablement by establishing guardrails, reusable patterns, and self‑service security tooling that empower engineering teams • Lead, mentor, and grow a high-performing security engineering team • Oversee secure coding practices, SAST/DAST/SCA tooling, and vulnerability management processes • Define API security standards including authentication, authorization, rate limiting, and data protection • Drive threat modeling practices across critical applications and services • Partner with engineering and development teams to remediate risks and improve secure design patterns • Embed automated security controls into CI/CD pipelines • Champion developer-first security tooling and workflows • Partner with DevOps teams to ensure secure infrastructure-as-code (IaC) practices • Measure and improve security posture through pipeline metrics and KPIs • Define and maintain secure SDLC policies, standards, and control frameworks • Establish secure design and architecture requirements for new systems • Ensure alignment with regulatory and compliance requirements (e.g., SOC 2, ISO 27001, NIST) • Lead security reviews and design approvals for critical initiatives • Design and implement role-based and just-in-time developer security training programs • Build secure coding guidelines and internal knowledge resources • Drive security awareness and culture across engineering teams • Partner with leadership to ensure adoption and accountability • Define KPIs and KRIs for application and DevSecOps security maturity • Report on risk posture, vulnerabilities, and program effectiveness to executive leadership • Continuously assess and improve tooling, processes, and coverage

🎯 Anforderungen

• 10+ years of experience in cybersecurity with a strong focus on application security and DevSecOps • 5+ years in a leadership or director-level role managing teams • Deep expertise in secure SDLC, application security testing (SAST, DAST, SCA), and API security • Experience integrating security into CI/CD pipelines and cloud-native environments (AWS, Azure, or GCP) • Experience with container security, Kubernetes security, serverless security concepts and delivery • Strong knowledge of modern architectures (microservices, containers, Kubernetes) • Proven experience building security programs and influencing engineering culture

🏖️ Vorteile

• Generous, flexible vacation policy • Educational assistance • Comprehensive health benefits • 401(k) employer match • Leadership and technical development academies