US Citizen
Green Card
EAD (OPT/CPT/GC/H4)
H1B Work Permit
Corp-Corp
W2-Permanent
W2-Contract
Contract to Hire
Consulting/Contract
UG :- - Not Required
PG :- - Not Required
No of position :- ( 1 )
Post :- 22nd Feb 2024
The App Security Engineer Sr. position plays a key role in the security of MBM’s platform. This platform powers our specialty care management solutions which support both our health plan partners and the members they cover. We are looking for a new member for our security development team who will be, along with the team, responsible for reviewing the vulnerabilities from check marx 1 and other security scans and fix these with vulnerabilities, work with app developers to test and release.
Primary duties may include, but are not limited to:
• Collaborate with app sec team members and also broader delivery teams across MBM.
• Understand both business and security requests and requirements and integrate those needs into the application.
• Develop robust, reusable and security components for reuse.
• Share ideas and concepts with our development teams to improve and extend our security
• Performs technical code reviews.
• Ensures unit test is completed and meets the test plan requirements, integration testing is completed.
Required Skills
7+ experience in Java 8 or above, Spring Boot
Has some hands own experience in fixing security vulnerability issues
Previous experience in interacting with client and running an onshore-offshore model
Experienced in designing, developing, and deploying enterprise applications.
Experienced in developing web-based applications, services, troubleshooting and debugging code, and working with relational databases.
Experience with CI/CD orchestration tools like Jenkins, Groovy, UCD, Maven, Gradle
Experience with software composition analysis, exposed vulnerabilities within application code, and the remediation therein
Experience with Left-Shift SDLC and DevSecOps
Experience with Checkmarx, SonarQube
Nice To Have
Experience with SonarQube
Experience with Agile ceremonies
Experience with cloud technologies: SAAS, IAAS, Docker, Kubernetes