Sr Application Security Engineer

As a Sr. application security engineer, this candidate who joins this team will work towards the design and implement application security solutions throughout the enterprise, collocation, and cloud environments. Work under minimal supervision, performs as a senior technical contributor as a hands-on Lead Application security Engineer. Execute the development of Infrastructure resources and services using Infrastructure as Code, cloud-based technologies, and various scripting languages. These resources and services will provide strategic integration between internal and external systems. This engineer will assist in the design, development, and delivery of solutions and services to meet internal and external business needs. This engineer will demonstrate strong technical acumen through direct rapid prototyping and iterative development to deliver scalable, high-performance services into production. This engineer will be responsible for quickly assessing the scope and need from business inputs, establishing MVP (Minimal Viable Product) proofs of concept, and finally hands-on coding and delivery of scalable solutions and services into production. Independently researches and resolves complex technical problems. Manages a time and action calendar and the quality of deliverables.

Education:

• Bachelor's degree or equivalent experience in a related discipline is required.
• Required Certifications: F5-CA.
• Desirable Certifications: Any F5-CTS: BIG-IP LTM, BIG-IP DNS, BIG-IP APM, BIG-IP ASM
• Related Certifications: Citrix Netscaler, Cisco, Palo Alto, Cloud (Azure/Google)

Experience required: 8-15yrs

Skill Requirements:

• Deep knowledge of TCP/IP stack, TCP and TLS handshake.
• Deep knowledge of any two F5 modules such as LTM, DNS, ASM, APM.
• Experience with F5 BIG-IQ for platform management.
• Experience with ADCs such as F5 products, NGINX, and Citrix NetScaler appliances.
• Experience with web application firewalls (F5 ASM, NetScaler WAF, Imperva).
• Experience with integration of APIs/API Gateways. (F5/NGINX).
• Experience with Auth services such as OAuth, OIDC, SAML, mTLS, etc.
• Experience with security technologies within cloud providers (Azure or Google).
• Familiarity with emerging technologies such as cloud providers (Azure or Google), containerization (Kubernetes), automation, and orchestration (Ansible, Terraform).

Preferred Skills:

• Comprehensive experience designing and supporting converged networks.
• Wide-ranging knowledge of platform management tools and utilities.
• Strong analytical, design, engineering, planning, and problem-solving skills.
• Strong presentation and interpersonal communication skills, including proficiency with MS Visio, PowerPoint, and Excel.

Key Technologies:
This section provides a reference for the candidate on the high importance topics that are required or expected at the interview phase. As described on the skills section, the candidate is expected to be experienced in at least two of the five modules described below:

LTM: Proxy, Reverse Proxy, Virtual Servers, Pools, Ciphers, Monitors, NATs, Policies, and profiles.
DNS: GSLB, WideIPs, Listeners, DNS Zones, DNS Express, iQuery
APM: iSessions, Authentication, Profiles and Policies, API Protection, Webtop.
ASM: OWASP Top 10 (Web and API versions), AWAF, Application Security Policies.
BIG-IQ: License Management, Device Management, Automatic Backups, configuration, and deployment.

Responsibilities include:

• Develop, document, and deploy automated operational processes and procedures.
• Engage in Business Unit projects to elicit platform requirements, specifications, and project scope.
• Design and implement project-based platform solutions within the enterprise datacenters and cloud platforms.
• Produce detailed designs with time/effort estimates for platform solutions, adhering to network architecture standards.
• Implement platform infrastructure and security to company standards and policies.
• Research and test platform management and monitoring products and tools to maintain currency and enhance functionality.
• Provide Level 3 diagnosis and advanced troubleshooting when required and participates in on-call rotation.
• Perform short-term and long-term platform capacity planning.
• Participate in cross-training efforts with less experienced staff.

Work Hours: Ability to work a flexible schedule based on department needs. Ability to work primarily in a remote environment and attend in-office meetings when needed.

Travel Requirement

Ability to travel up to 10% (travel is sporadic)

At CoverMyMeds, we care about the well-being of the patients and communities we serve, and that starts with caring for our people. That’s why we have a Total Rewards package that includes comprehensive benefits to support physical, mental, and financial well-being . Our Total Rewards offerings serve the different needs of our diverse employee population and ensure they are the healthiest versions of themselves. For more information regarding benefits at CoverMyMeds, please click here.

As part of Total Rewards, we are proud to offer a competitive compensation package at CoverMyMeds. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered.

Our Base Pay Range for this position

As a Sr. application security engineer, this candidate who joins this team will work towards the design and implement application security solutions throughout the enterprise, collocation, and cloud environments. Work under minimal supervision, performs as a senior technical contributor as a hands-on Lead Application security Engineer. Execute the development of Infrastructure resources and services using Infrastructure as Code, cloud-based technologies, and various scripting languages. These resources and services will provide strategic integration between internal and external systems. This engineer will assist in the design, development, and delivery of solutions and services to meet internal and external business needs. This engineer will demonstrate strong technical acumen through direct rapid prototyping and iterative development to deliver scalable, high-performance services into production. This engineer will be responsible for quickly assessing the scope and need from business inputs, establishing MVP (Minimal Viable Product) proofs of concept, and finally hands-on coding and delivery of scalable solutions and services into production. Independently researches and resolves complex technical problems. Manages a time and action calendar and the quality of deliverables.

Education:

• Bachelor's degree or equivalent experience in a related discipline is required.
• Required Certifications: F5-CA.
• Desirable Certifications: Any F5-CTS: BIG-IP LTM, BIG-IP DNS, BIG-IP APM, BIG-IP ASM
• Related Certifications: Citrix Netscaler, Cisco, Palo Alto, Cloud (Azure/Google)

Experience required: 8-15yrs

Skill Requirements:

• Deep knowledge of TCP/IP stack, TCP and TLS handshake.
• Deep knowledge of any two F5 modules such as LTM, DNS, ASM, APM.
• Experience with F5 BIG-IQ for platform management.
• Experience with ADCs such as F5 products, NGINX, and Citrix NetScaler appliances.
• Experience with web application firewalls (F5 ASM, NetScaler WAF, Imperva).
• Experience with integration of APIs/API Gateways. (F5/NGINX).
• Experience with Auth services such as OAuth, OIDC, SAML, mTLS, etc.
• Experience with security technologies within cloud providers (Azure or Google).
• Familiarity with emerging technologies such as cloud providers (Azure or Google), containerization (Kubernetes), automation, and orchestration (Ansible, Terraform).

Preferred Skills:

• Comprehensive experience designing and supporting converged networks.
• Wide-ranging knowledge of platform management tools and utilities.
• Strong analytical, design, engineering, planning, and problem-solving skills.
• Strong presentation and interpersonal communication skills, including proficiency with MS Visio, PowerPoint, and Excel.

Key Technologies:
This section provides a reference for the candidate on the high importance topics that are required or expected at the interview phase. As described on the skills section, the candidate is expected to be experienced in at least two of the five modules described below:

LTM: Proxy, Reverse Proxy, Virtual Servers, Pools, Ciphers, Monitors, NATs, Policies, and profiles.
DNS: GSLB, WideIPs, Listeners, DNS Zones, DNS Express, iQuery
APM: iSessions, Authentication, Profiles and Policies, API Protection, Webtop.
ASM: OWASP Top 10 (Web and API versions), AWAF, Application Security Policies.
BIG-IQ: License Management, Device Management, Automatic Backups, configuration, and deployment.

Responsibilities include:

• Develop, document, and deploy automated operational processes and procedures.
• Engage in Business Unit projects to elicit platform requirements, specifications, and project scope.
• Design and implement project-based platform solutions within the enterprise datacenters and cloud platforms.
• Produce detailed designs with time/effort estimates for platform solutions, adhering to network architecture standards.
• Implement platform infrastructure and security to company standards and policies.
• Research and test platform management and monitoring products and tools to maintain currency and enhance functionality.
• Provide Level 3 diagnosis and advanced troubleshooting when required and participates in on-call rotation.
• Perform short-term and long-term platform capacity planning.
• Participate in cross-training efforts with less experienced staff.

Work Hours: Ability to work a flexible schedule based on department needs. Ability to work primarily in a remote environment and attend in-office meetings when needed.

Travel Requirement

Ability to travel up to 10% (travel is sporadic)

At CoverMyMeds, we care about the well-being of the patients and communities we serve, and that starts with caring for our people. That’s why we have a Total Rewards package that includes comprehensive benefits to support physical, mental, and financial well-being . Our Total Rewards offerings serve the different needs of our diverse employee population and ensure they are the healthiest versions of themselves. For more information regarding benefits at CoverMyMeds, please click here.

As part of Total Rewards, we are proud to offer a competitive compensation package at CoverMyMeds. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered.

Our Base Pay Range for this position

CoverMyMeds is an equal opportunity and affirmative action employer. We embrace diversity and are committed to creating an inclusive environment for all employees. Qualified applicants will be considered for employment without regard to race, religion, gender, gender identity, sexual orientation, national origin, age, disability or veteran status.

McKesson Corporation is an American company distributing pharmaceuticals and providing health information technology, medical supplies, and care management tools.