Senior Application Security Engineer
San Diego, CA

Job Description

XIFIN is a San Diego based SaaS company that leverages diagnostic information to improve the quality and economics of healthcare. Our cloud-based platform facilitates connectivity and workflow automation for accessing and sharing clinical and financial diagnostic data, improving the delivery and reimbursement of care. We are self-driven innovators who are looking to make a difference in the healthcare technology space.

Who are we looking for?

The Senior Application Security Engineer will be passionate about uncovering security vulnerabilities and demonstrating proofs of concept to security analysts and developers on how to identify and fix the vulnerabilities. You will be a subject matter expert in application security and Secure Software Development Life Cycle. You will be able to work with team members inside and outside of the department. Your focus will be on helping to build and maintain an Application Security program that can be used as the benchmark for our industry.

The Senior Application Security Engineer will be solution oriented and will seek out answers to the challenges of providing an efficient yet secure process. You will be comfortable building relationships and partnering across the organization. This role can provide a pathway to further developing your skills as a Senior Application Security Engineer, with opportunities to grow and improve the security and compliance processes within the organization.


* Demonstrate and promote Secure Software Development Life Cycle
* Work with developers and quality assurance teams to resolve security issues in our stack
* Evaluate and classify findings from SAST, DAST, and externally reported sources
* Perform security testing on internally developed applications and clearly document findings and recommendations
* Act as technical liaison between Information Security and application development teams, including guiding teams towards strong application security practices and remediating known risks
* Develop and support integration and automation within security, monitoring, reporting, and ticketing platforms
* Review and analyze existing processes and suggest improvements for increased security and efficiency

What qualifications are needed?

* BS in Computer Science, Engineering, or equivalent experience
* 5+ years of experience in Application Development and Secure DevOps
* Have a high degree of knowledge and comprehension in the core principles of application security and architecture
* Scripting and/or code development capability including Java, JavaScript, .NET, C#
* Requires excellent verbal and written communication, interpersonal and customer service skills with the strong ability to interact professionally with a diverse group, executives, managers, and subject matter experts
* Ability to manage multiple assignments and track through to completion
* Nice-to-have certifications: GWAPT, GWEB, GSSP
* Familiarity with HIPAA and/or PCI-DSS a plus
* Working knowledge of CI/CD process and tools
* Agile Software development practices

EEO Statement

XIFIN provides equal opportunity for all applicants without regard to race, color, religion, sex (including pregnancy), national origin, ancestry, age, disability, genetic information, marital status, sexual orientation, veteran status, or any other basis protected by state or federal law.