Sr. Software Developer Engineer Security - Pharmacy Applications 9/16/2016
Saint Louis, MO
JOB DESCRIPTIONAPPLY POSITION SUMMARY
The Sr. Information Security Software Engineer works with the Software Development Engineer to write and modify complex application programs using the latest security standards and best practices and assists Information Risk Management in the creation and enforcement of security standards. The Sr. Information Security Software Engineer has strong experience in software development engineering and application security.
The Sr. Information Security Software and is able to respond to urgent issues without losing focus on longer term deliverables. This position must balance a wide-range of priorities and manage relationships with other IT departments, all while considering short-term and long-term implications of each decision.
This position may lead internal cross-department IT initiatives and may participate on cross-functional initiatives for Express Scripts. The Sr. Information Security Software may also lead a team of consultants in geographically diverse locations.
* Partner with the software development engineer, other members of the development team, and Information Risk Management to ensure applications meet the accepted software security standards
* Provides security leadership and assist management in implementing the organization s security strategy
* Works with the application development team to find and remediate existing vulnerabilities
* Serves as a security SME for the application development team
* Coaches and mentors development teams on how to write secure software
* Provides technical guidance to projects/programs for all security questions and concerns
* Leads development of standard application security practices, components, and guidelines, including libraries, frameworks, and reference implementations
* Assists teams to resolve urgent and high production incidents in a manner that is consistent with the published security guidelines
* Works on special projects as assigned
* Provides security subject matter expertise and proactively identifies risk-based security solutions
* Prioritizes requests and activities and develops schedules and work plans for projects/initiatives
* Ensures projects/initiatives are completed within designated time frames
* Ensures quality and service standards are maintained
* Leads resolution of urgent and on-going problems cross-functionally to ensure overall security
* Leads the development and implementation of strategic work plan goals; tracks and periodically reports progress to leadership
* Assists with information security budget planning and management for their department
* May direct a team of contract staff in one or more sites
* Bachelor s degree in Information Systems or related field
* 8 years Information Technology experience with direct experience implementing high volume multi-tier transactional systems, including: mainframe, web applications, workflow, imaging and web services.
* 5 years Information Security experience
* 5 years in Risk, IT Consulting, IT Infrastructure Management or Data Governance
* Minimum of 8 Years IT experience, Mastery / certification in one or more standard architecture frameworks or technologies.
* Security certification preferred, e.g. Security , CISSP, CSSLP, etc.
* Demonstrated ability to provide and implement secure solutions to a wide range of difficult problems
* Demonstrated ability to lead discussions with all levels of the organization and provide balanced information of an idea or communication of an issue regardless of written or verbal
* Experience working in a vendor partner model
* Strong mentoring skills
* Demonstrated ability to adapt in a dynamic work environment and make independent decisions
* Demonstrated ability to work collaboratively across project teams
* Demonstrated strong understanding and experience with both information security and risk management, including information security assessment, mitigation solution design/implementation, policy and standards
* Ability to define N-tier applications, understanding how they fit into the overall system architecture of a shared SOA platform and supporting IT infrastructure
* Deep knowledge of current technologies including Open Source, J2EE (JSP, Servlet, JSP, etc.), web application development, web services (REST/SOAP/XML), Rich Internet Applications, messaging infrastructures and databases
* Possesses a sense of urgency about exceeding the objectives of the role
* Ability to work in a rapidly changing, highly complex matrixed environment
* A true team player and collaborator, translating prior knowledge and experience into strong productive relationships internally and externally
* Strong interpersonal, influence and communications skills with an ability to interact effectively with a variety of contacts and the ability to effectively manage and build relationships with leaders and team members in geographically dispersed environments
* Experience with health care or PBM industry very helpful
* Willingness to work a flexible schedule to accommodate project deadlines
* Willingness to travel as needed
* Thorough knowledge of .Net/VB, Imaging and Workflow, Oracle and SQL is required.
* Knowledge of Mainframe, Mule and Data Power
* Knowledge of SOA architecture
* Knowledge in all IT concepts, procedures and practices in the Software Development Life Cycle and development process.
* Demonstrated knowledge of Agile/Scrum process and iterative development as it applies to software delivery.
* Advanced problem solving skills and the ability to work collaboratively with other departments to resolve complex issues with innovative solutions in an extremely fast paced environment.
Express Scripts is an EOE
Express Scripts is an Equal Employment Opportunity employer and does not discriminate in employment opportunities or practices on the basis of race, creed, color, religion, sex, national origin, nationality, ancestry, age, disability or status as a disabled veteran or veteran of the Vietnam era, pregnancy, affectional or sexual orientation, gender identity or expression, marital status, status with regard to public assistance, veteran status, citizenship or membership in any other legally protected class. None of the questions in this application are intended to elicit information regarding any protected characteristics, nor imply any limitation, illegal preferences or discrimination based upon non-job-related information or protected characteristics. Applicants must be able to pass a drug test and background investigation and, depending on position requirements, a Department of Defense background investigation. AA/EOE.