DevSecOps Architect

Company: Zelis Healthcare, LLC
Location: Boston
Posted on: February 22, 2025

Job Description:

At Zelis, we Get Stuff Done. So, let's get to it!A Little About UsZelis is modernizing the healthcare financial experience for all by providing a connected platform that bridges the gaps and aligns interests across payers, providers, and healthcare consumers. This platform serves more than 750 payers, including the top 5 national health plans, BCBS insurers, regional health plans, TPAs and self-insured employers, and millions of healthcare providers and consumers. Zelis sees across the system to identify, optimize, and solve problems holistically with technology built by healthcare experts-driving real, measurable results for clients.A Little About YouYou bring a unique blend of personality and professional expertise to your work, inspiring others with your passion and dedication. Your career is a testament to your diverse experiences, community involvement, and the valuable lessons you've learned along the way. You are more than just your resume; you are a reflection of your achievements, the knowledge you've gained, and the personal interests that shape who you are.Position OverviewThe position will have a dual reporting structure to both the Head of Application Security and the Head of the Payments Optimization organization technical team. The position will work in collaboration with the Payments application teams. The position will be accountable for application security of Payments applications. The individual will collaborate with the business teams and scrum masters to identify cyber security requirements. The individual will assist the application development teams in designing application architectures. The individual will assist quality assurance tests with defining testing and validation.Location and Workplace Flexibility:We have offices in Atlanta GA, Boston MA, Morristown NJ, Plano TX, St. Louis MO, St. Petersburg FL, and Hyderabad, India. We foster a hybrid and remote friendly culture and all of our employee's work locations are based on the needs of the position and determined by the Leadership team. In-office work and activities, if applicable, vary based on the work and team objectives in accordance with Company policies.What You'll DoResponsibilities:

• Partner with Payments stakeholders to understand regulatory, industry, and organizational security requirements.
• Conduct threat modeling exercises to identify potential security vulnerabilities in Payments internal and publicly facing applications.
• Analyze application's components, data flows, and external dependencies to anticipate and mitigate threats.
• Provide security requirements with acceptance criteria to application development teams using the Agile and Waterfall methodologies.
• Review the architecture of software applications to ensure security is integrated at every layer, including network, infrastructure, and application levels.
• Recommend and implement security controls and best practices to address identified risks and vulnerabilities. This includes encryption, authentication, access controls, input validation, and other security mechanisms.
• Perform security code reviews to identify and remediate security vulnerabilities in application code. Look for common security flaws such as injection attacks, cross-site scripting (XSS), and insecure configurations.
• Provide guidance and training to development teams on secure coding practices, security principles, and relevant security tools and technologies.
• Evaluate and implement security tools and automation solutions to enhance the security posture of applications and streamline security processes.What You'll Bring to ZelisQualificationsRequired
  • Bachelor's degree in cyber security (or) related degree and experience.
  • Eight or more years' experience in cybersecurity/DevSecOps.
  • Two or more years' experience as a web application developer.Preferred
    • Experience in health insurance payments.
    • Experience in ASP.Net Core application development.
    • Experience in application secure code reviews.
    • Experience in Agile and writing user stories.
    • Experience in threat modeling.
    • Experience in secure coding.
    • Experience in application security.
    • Experience in securing APIs.
    • Experience in security cloud applications.
    • Experience source code management, build and deployment technologies.
    • Experience in application security testing.
    • Experience with web application firewalls.
    • CDP, CISSP, E-CDE or other relevant certifications.
    • Familiarity with regulatory controls and industry best practices such as HIPAA, PCI, CIS, HiTrust, ISO 27001, NIST, etc.)
    • Understanding of API and Web security vulnerabilities.
    • Familiarity with OWASP Top 10 API, Web, and Mobile Application Security Risks.
    • Familiarity with MITRE CWE Top 25 Most Dangerous Software Weaknesses.
    • Strong verbal and written communications skills.
    • Strong Customer service skills.Zelis is modernizing the healthcare financial experience by providing a connected platform that bridges the gaps and aligns interests across payers, providers, and healthcare consumers. This platform serves more than 750 payers, including the top 5 national health plans, BCBS insurers, regional health plans, TPAs and self-insured employers, and millions of healthcare providers and consumers. Zelis sees across the system to identify, optimize, and solve problems holistically with technology built by healthcare experts - driving real, measurable results for clients.Commitment to Diversity, Equity,Inclusion, and BelongingAt Zelis, we champion diversity, equity, inclusion, and belonging in all aspects of our operations. We embrace the power of diversity and create an environment where people can bring their authentic and best selves to work. We know that a sense of belonging is key not only to your success at Zelis, but also to your ability to bring your best each day.Equal Employment Opportunity Zelis is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.We encourage members of traditionally underrepresented communities to apply, even if you do not believe you 100% fit the qualifications of the position, including women, LGBTQIA people, people of color, and people with disabilities. Accessibility SupportWe are dedicated to ensuring our application process is accessible to all candidates. If you are a qualified individual with a disability or a disabled veteran and require a reasonable accommodation with any part of the application and/or interview process, please email .SCAM ALERT: There is an active nationwide employment scam which is now using Zelis to garner personal information or financial scams. This site is secure, and any applications made here are with our legitimate partner. If you're contacted by a Zelis Recruiter, please ensure whomever is contacting you truly represents Zelis Healthcare. We will never asked for the exchange of any money or credit card details during the recruitment process. Please be aware of any suspicious email activity from people who could be pretending to be recruiters or senior professionals at Zelis.

Keywords: Zelis Healthcare, LLC, Boston , DevSecOps Architect, Professions , Boston, Massachusetts