Note: This is a remote job open to candidates in the USA. California Correctional Health Care Services is seeking a highly skilled Lead Application Security Engineer to help secure business-critical web applications and emerging AI-enabled applications. In this role, you will work closely with developers and technology leaders to identify risks and improve secure development practices.
Responsibilities
- Lead application security initiatives using Secure SDLC, threat modeling, OWASP, AI TRiSM and NIST best practices
- Perform application security architecture reviews, application code reviews, vulnerability assessments, and application penetration testing activities
- Drive BRD, TDD, SDD, design, and code reviews with a security-risk lens; estimate effort for SAST, DAST, IAST, and application penetration-testing initiatives
- Own and advance an AI-powered application security strategy to safeguard applications, micro-segmentation, microservices, APIs, and UI components
- Execute Quality Agile + DevSecOps transformation activities to improve end-to-end application security across the enterprise
- Perform application vulnerability exploitation, application security audits, and application penetration testing to identify and mitigate high-risk exposures
Skills
- 5+ years of application security experience, including securing applications with privacy and regulatory compliance (PII, PHI, PCI)
- Hands-on experience with SAST, DAST, IAST, application penetration testing, and fuzz testing tools used by ethical hackers for the AI era
- Exposure to one or more application development frameworks: C#, .NET, Java, jQuery, AngularJS, ReactJS, GraphQL, Web APIs/Services, XML and Agentic AI
- Strong knowledge of application threat modeling, continuous protection via RASP, ADR, or a unified security platform, and AI security methodologies
- Ability to research emerging application security technologies, zero-day vulnerabilities, the AI TRiSM framework, and best practices
- Experience securing Web, Cloud, and Agentic AI applications, and Ethical Hacking or Application PenTest certifications, are a plus
- Experience implementing application security controls and application security testing solutions throughout the software development lifecycle (Secure SDLC)
- Working knowledge of JIRA or similar defect-tracking systems and Work Breakdown Structures
- Excellent communication, presentation and collaboration skills
Benefits
- Health Benefits Program (CalPERS)
- Retirement (CalPERS)
- Employer Health and Consolidated Benefits Contributions
- Dental, Vision
- 401(k) and 457 Deferred Compensation Plans
- Employee Assistance Program
- Group Legal Services Insurance
- Holidays, Vacation/Sick/Other Paid Leave
- Flex Elect Reimbursement Program
- Wellness and Recognition
- Alternate Work Schedules
- Transit Pass Program
- Tuition Reimbursement
- Dependent Scholarship Program
- Leadership Training
- Mentoring Program
Company Overview
California Correctional Health Care Services provides medical, dental, and mental health care services. It was founded in 2006, and is headquartered in Elk Grove, California, USA, with a workforce of 10001+ employees. Its website is https://cchcs.ca.gov.