[Hiring] Staff Application Security Engineer @CVS Health

Role Description

We’re building a world of health around every individual — shaping a more connected, convenient and compassionate health experience. At CVS Health®, you’ll be surrounded by passionate colleagues who care deeply, innovate with purpose, hold ourselves accountable and prioritize safety and quality in everything we do. Join us and be part of something bigger – helping to simplify health care one person, one family and one community at a time.

Position Summary:

• Development & Enforcement:
  • Develop and enforce engineering security policies and standards, specifically with the Illumio Platform:
  • Illumio PCE (Policy Compute Engine) management
  • Illumio VEN (Virtual Enforcement Node) deployment
  • Label-based policy creation and Illumination (visualization) usage
  • Expertise in creating and managing security policies, segmentation templates and policy objects
  • Build and understanding of service definitions and rulesets
  • Leadership of policy creation, testing and validation
  • Experience with application dependencies and communication patterns
  • Understanding of workload communication patterns and ability to conduct traffic flow analysis
  • Strong troubleshooting abilities and experience with monitoring network performance, as segmentation directly impacts traffic flow and application connectivity.
  • Develop and enforce data security policies and standards.
  • Drive security awareness across the organization.
  • Lead the development and enforcement of comprehensive security policies and standards, integrating advanced security practices throughout the software development lifecycle to mitigate risks and align with industry-leading security protocols.
• Collaboration & Expertise:
  • Collaborate with Engineering and Business teams to develop secure engineering practices.
  • Act as a pivotal security leader, driving the integration of secure engineering practices across the organization while liaising with senior management to ensure a cohesive security strategy that aligns with business objectives.
• Analysis & Configuration:
  • Analyze, develop, and configure security solutions across multi-cloud, on-premises, and colocation environments, ensuring application security, integrity, confidentiality, and availability of data.
  • Lead security testing, vulnerability analysis, and documentation.
  • Spearhead the evaluation and strategic deployment of cutting-edge security solutions, emphasizing scalability, performance, and adaptability, to fortify the organization's defense against evolving threats.
• Operational Support:
  • Participate in operational on-call duties to support a 24/7 infrastructure across multiple regions and environments (cloud, on-premises, colocation).
  • Lead by example in incident response situations, orchestrating rapid and effective responses while leveraging these experiences to bolster future resilience and response strategies.
• Mentorship and Training:
  • Demonstrated leadership skills with developing a comprehensive mentorship program for junior engineers, including organizing regular training sessions to elevate the team's technical and security skills.
  • This role requires a commitment to fostering a culture of continuous improvement and knowledge sharing.
• Innovation and Research:
  • Proven track record with participation in security research and the exploration of next-generation security tools and practices.
  • This includes encouraging the team to engage with the wider security community, contributing to open-source projects, and staying well-informed of emerging threats and innovative defense mechanisms.
• Strategic Planning:
  • Play a key role in the strategic planning of the organization's security roadmap, including conducting thorough risk assessments, allocating budgets for security initiatives, and aligning long-term security strategies with overarching business goals.
  • This responsibility includes advocating for security within the company and ensuring that security considerations are paramount in all technology decisions.

Qualifications

• 7+ years of experience in developing and deploying security technologies.
• 5+ years of experience with implementing and managing data protection measures and compliance with data protection regulations (e.g., GDPR, CCPA).
• 5+ years of experience in Public Cloud (AWS/Azure/GCP) and Network Security.
• 3+ years of experience with Docker, Kubernetes, Security-as-Code, and Infrastructure-as-Code.
• 3+ years of experience with one or more general-purpose programming/script languages including but not limited to: Java, C/C++, C#, Python, JavaScript, Shell Script, PowerShell.

Preferred Qualifications

• Proven track record in leading security initiatives from inception through to successful deployment, demonstrating exceptional project management skills and the ability to navigate complex stakeholder landscapes.
• Strong technical expertise with Architecting Public Cloud solutions and processes.
• Strong technical expertise with Networking and Software-Defined Networking (SDN) principles.
• Strong technical expertise with developing and interpreting Network, Sequence, and Dataflow diagrams.
• Experience with direct, remote, and virtual teams.
• Understanding of at least one compliance framework (HIPAA, HITRUST, PCI, NIST, CSA).
• Strong technical expertise with security solutions for data warehouses and big data platforms, particularly with technologies like Snowflake.
• Strong technical expertise in defining and implementing cyber resilience standards, policies, and programs for distributed cloud and network infrastructure, ensuring robust redundancy and system reliability.
• Experience in influencing industry security standards and contributing to open-source projects or security communities, highlighting a broader impact beyond the immediate organization.
• Illumio Core: Expert Certifications – On-Premise & SAAS.

Education

• Bachelor’s degree or equivalent experience (High School Diploma and 4 years relevant experience).

Pay Range

The typical pay range for this role is: $130,295.00 - $284,280.00. This pay range represents the base hourly rate or base annual full-time salary for all positions in the job grade within which this position falls. The actual base salary offer will depend on a variety of factors including experience, education, geography and other relevant factors. This position is eligible for a CVS Health bonus, commission or short-term incentive program in addition to the base pay range listed above. This position also includes an award target in the company’s equity award program.

Benefits

• This full‑time position is eligible for a comprehensive benefits package designed to support the physical, emotional, and financial well‑being of colleagues and their families.
• The benefits for this position include medical, dental, and vision coverage, paid time off, retirement savings options, wellness programs, and other resources, based on eligibility.
• Additional details about available benefits are provided during the application process and on Benefits Moments.

We anticipate the application window for this opening will close on: 04/21/2026. Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state and local laws.