Ascension
Join our Talent Network
Skip to main content

Want to change your preferred location?
You’ll then get information specific to your new service region.

Want to change your preferred location?
You’ll then get information specific to your new service region.

Senior Application Security Specialist

We Are Hiring

 Senior Application Security Specialist 

 Infra Security

7715 Chevy Chase Building - Austin, TX

Why Join Ascension?

Ascension Technologies  leverages technology to create collaborative solutions that improve everyday health decisions. The technology enables seamless access to data across all applications transforming the customer experience when interacting with technology and enhancing our ability across Ascension to better serve communities with greater agility and responsiveness.  It is used to provide insightful use of automation and data-drive improvements to enhance the provider, patient and consumer experience as well as keeping cybersecruity with a strong posture to protect data and other valuable assets.  

Ascension is a faith-based healthcare organization dedicated to transformation through innovation across the continuum of care. As one of the leading non-profit and Catholic health systems in the U.S., Ascension is committed to delivering compassionate, personalized care to all, especially to those most in need. In FY2018, Ascension provided nearly $2 billion in care of persons living in poverty and other community benefit programs. 

What You Will Do

Job Summary:

The Senior Application Security Specialist will lead the evaluation of the security posture of Web Applications, Mobile Applications, API’s and Web Services hosted both on-premises and in the cloud. The specialist will work jointly with Product Development Teams and Architects to review application code, identify potential security issues, and suggest/track remediations for applications and back-end systems. Conduct web and mobile application security vulnerability assessments using Static Application Security Testing (SAST), Software Composition Analysis (SCA), and / or Dynamic Application Security Testing (DAST) using scanning tools and manual checks to provide visibility to the appropriate development teams in order to coordinate follow-up. An understanding of modern web application development languages is necessary to communicate mitigating controls and potential remediation activities.  Familiarity will Continuous Integration/Continuous Delivery (CI/CD) is also required.

 

Responsibilities:

  • Align application security strategy with business goals.
  • Partner with developers to refine security checkpoints in the SDLC that are based industry-accepted doctrine such as NIST SP 800-115 and/or ISO security standards.
  • Develop policy and relevant guidelines to define security and operational requirements.
  • Translate business objectives and risk management strategies into specific security processes enabled by security technologies and services.
  • Manage and executes strategies to increase application security knowledge throughout the enterprise.
  • Develop secure coding standards that are based on industry-accepted best practices such as OWASP Guide, SANS CWE Top 25, or CERT Secure Coding to address common coding vulnerabilities.
  • Use tools and manual testing to perform code security analysts to identify vulnerabilities and attack vectors in web applications.
  • Work with information security analysts to refine web application penetration testing methods and breadth of security services.
  • Obtain and review all required artifacts as part of various security checkpoint phases in the development lifecycle cycle.
  • Collaborate with periodic security risk assessments, IT security audits, and management reporting.
  • Review and coordinate changes to information security policies, procedures, standards, and audit work programs in a continuous improvement model.
  • Mentor and train less experienced personnel

What You Will Need

Education:

  • High school diploma/GED with 2 years of experience, or Associate's degree, or Bachelor's degree required.

Work Experience:

  • 1 year of experience required.
  • 4 years of experience preferred.
  • 2 years of leadership or management experience preferred.

Desired Work Experience:

  • 1 year of experience required.
  • Three years of experience with a focus on web application security methods preferred.
  • Security risk assessment and systems security audit work experience is highly desired.
  • Experience working with common application security tools such as Fortify or BurpSuite is a plus.
  • CISSP, CEH or other technical security certifications preferred
  • Self-starter with the ability to perform tasks as an individual contributor or as a project lead.

 

Equal Employment Opportunity

Ascension Technologies is an EEO/AA Employer M/F/Disability/Vet. Please click the link below for more information.
 
 
EEO is the Law Poster Supplement

E-Verify Statement

Ascension Technologies participates in the Electronic Employment Verification Program. Please click the E-Verify link below for more information.

E-Verify (link to E-verify site) 

Job ID: 358653
Category: Information Systems
Facility: MOSTL Ascension Technologies
Ministry: Ascension Technologies
Location: Austin, TX

Build your career with Ascension

Join our Talent Network