RxSense
We are a healthcare technology company that provides platforms and solutions to improve the management and access of cost-effective pharmacy benefits. Our technology helps enterprise and partnership clients simplify their businesses and helps consumers save on prescriptions.
As a leader in SaaS technology for healthcare, we offer innovative solutions with integrated intelligence on a single enterprise platform that connects the pharmacy ecosystem. With our expertise and modern, modular platform, our partners use real-time data to transform their business performance and optimize their innovative models in the marketplace.
Position Summary:
The Application Security Engineer position is a mid-tier role in the RxSense Information Security team that will focus on assessing and managing risks in the application security domain. In this role you will act as an application security SME on project teams and be responsible for performing various security touchpoints throughout the RxSense Software Development Lifecycle.
Must be aware of and comply with all aspects of the RxSense Information Security Program and the policies contained therein. Must always understand the importance of maintaining Information Security in all Business Operations.
Job Responsibilities:
Work with development and product teams to define security requirements and ensure they are followed Partner with development and product teams to drive remediation of security gaps Coordinate 3rd party penetration tests and work with internal teams to remediate findings Perform architecture and design reviews on company applications Monitor and analyze application security logs and events to detect and respond to security threats Perform monitoring and management of Web Application Firewall Interpret and manually validate Static Application Security Testing (SAST) results Manage SAST, SCA and DAST tools to ensure comprehensive testing and remediation of findings Analyze and report on risks discovered through application security testing Participate on project teams as InfoSec representative Ability to quickly adapt to changing priorities as business needs change Excellent interpersonal and communication skills a must Strengths:
Knowledge and experience with techniques, tools and practices pertaining to securing the SDLC (Software Development Lifecycle). Experience with software development, programing, scripting. Experience with OWASP ZAP or Burp Proxy Experience with static application security testing tools Knowledge and experience with implementing and managing web application firewalls High level understanding of securing Cloud Platforms, AWS and GCP, cloud architecture Although the position is in application security domain, a broad interest/experience across the whole security domain would be an advantage Requirements:
BS in Information Systems preferred but appropriate experience is acceptable 3+ years of experience in application security is required. Must have the ability to identify, analyze and solve security risks pragmatically Familiarity with web application architecture, APIs, and cloud environments Experience with security standards and frameworks, such as OWASP, NIST, or CIS Practical understanding of common application security vulnerabilities Excellent problem-solving and analytical skills with demonstrated ability to investigate and solve complex problems Excellent communication skills are needed with demonstrated ability to work with multiple organizational functions and levels Certifications a plus; GWAPT, GWEB, CISSP, etc. Salary Range: $120,000 - $135,000
RxSense believes that a diverse workforce is a more talented and productive workforce. As such, we are an Equal Opportunity and Affirmative Action employer. Our recruitment process is free from discriminatory hiring practices and all qualified applicants are considered for employment without regard to race, color, religion, sex, gender, sexual orientation, gender identity, ancestry, age, or national origin. Neither will qualified applicants be discriminated against on the basis of disability or protected veteran status. We believe in the strength of the collaboration, creativity and sense of community a diverse workforce brings.
In Office Policy : Candidates within a commutable distance to one of the offices listed below will be expected to commit to a hybrid in office schedule if selected.
Boston, MA Princeton, NJ New York City, NY West Palm Beach, Florida
As a leader in SaaS technology for healthcare, we offer innovative solutions with integrated intelligence on a single enterprise platform that connects the pharmacy ecosystem. With our expertise and modern, modular platform, our partners use real-time data to transform their business performance and optimize their innovative models in the marketplace.
Position Summary:
The Application Security Engineer position is a mid-tier role in the RxSense Information Security team that will focus on assessing and managing risks in the application security domain. In this role you will act as an application security SME on project teams and be responsible for performing various security touchpoints throughout the RxSense Software Development Lifecycle.
Must be aware of and comply with all aspects of the RxSense Information Security Program and the policies contained therein. Must always understand the importance of maintaining Information Security in all Business Operations.
Job Responsibilities:
Work with development and product teams to define security requirements and ensure they are followed Partner with development and product teams to drive remediation of security gaps Coordinate 3rd party penetration tests and work with internal teams to remediate findings Perform architecture and design reviews on company applications Monitor and analyze application security logs and events to detect and respond to security threats Perform monitoring and management of Web Application Firewall Interpret and manually validate Static Application Security Testing (SAST) results Manage SAST, SCA and DAST tools to ensure comprehensive testing and remediation of findings Analyze and report on risks discovered through application security testing Participate on project teams as InfoSec representative Ability to quickly adapt to changing priorities as business needs change Excellent interpersonal and communication skills a must Strengths:
Knowledge and experience with techniques, tools and practices pertaining to securing the SDLC (Software Development Lifecycle). Experience with software development, programing, scripting. Experience with OWASP ZAP or Burp Proxy Experience with static application security testing tools Knowledge and experience with implementing and managing web application firewalls High level understanding of securing Cloud Platforms, AWS and GCP, cloud architecture Although the position is in application security domain, a broad interest/experience across the whole security domain would be an advantage Requirements:
BS in Information Systems preferred but appropriate experience is acceptable 3+ years of experience in application security is required. Must have the ability to identify, analyze and solve security risks pragmatically Familiarity with web application architecture, APIs, and cloud environments Experience with security standards and frameworks, such as OWASP, NIST, or CIS Practical understanding of common application security vulnerabilities Excellent problem-solving and analytical skills with demonstrated ability to investigate and solve complex problems Excellent communication skills are needed with demonstrated ability to work with multiple organizational functions and levels Certifications a plus; GWAPT, GWEB, CISSP, etc. Salary Range: $120,000 - $135,000
RxSense believes that a diverse workforce is a more talented and productive workforce. As such, we are an Equal Opportunity and Affirmative Action employer. Our recruitment process is free from discriminatory hiring practices and all qualified applicants are considered for employment without regard to race, color, religion, sex, gender, sexual orientation, gender identity, ancestry, age, or national origin. Neither will qualified applicants be discriminated against on the basis of disability or protected veteran status. We believe in the strength of the collaboration, creativity and sense of community a diverse workforce brings.
In Office Policy : Candidates within a commutable distance to one of the offices listed below will be expected to commit to a hybrid in office schedule if selected.
Boston, MA Princeton, NJ New York City, NY West Palm Beach, Florida