Location: United States
Job Identification: 2058
Job Schedule: Full time

Application Security Engineer

Description of Myriad

Myriad Genetics, Inc. is a leading personalized medicine company dedicated to being a trusted advisor transforming patient lives worldwide with pioneering molecular diagnostics. Myriad discovers and commercializes molecular diagnostic tests that: determine the risk of developing disease, accurately diagnose disease, assess the risk of disease progression and guide treatment decisions.

Job Description

The Information Security Team is responsible for recommending, implementing, managing and executing processes, guidelines, architecture and standards necessary to reduce risks to Myriad Genetics caused by cyberthreats. The role of the Application Security Engineer is to work with operational and development teams to define, recommend and implement security controls and processes that reduce risk of the application development and production environments that support Myriad Genetics. This role is also responsible for monitoring and responding to cyberthreats across the Myriad networks, systems and suite of products assisting other Information Security team members and other teams within the company.

This role requires the applicant to have a solid knowledge of:

• The Software Development Lifecycle
• Coding and development frameworks
• Software development experience
• AWS IAM, Infrastructure, Storage and Application services.
• Network and computing principles and be able to explain how they work
• How to manage and deliver complex projects

This position will report directly to the Director of Information Security.

Principal Responsibilities and Duties:

• Collaborative management of the Myriad SDLC process
• Test for vulnerabilities and execute the vulnerability management programs supporting code and applications
• Container security
• Application security in cloud environments
• Implement and maintain enterprise security solutions.
• Articulate risk and potential remediation with Software Engineering, IT teams as well as management.
• Recommend and create metrics to measure the security posture of Cloud environments
• Provide guidance on security design, architecture, and configuration of network, system, database, and endpoints.
• Use SIEM, end point protection and other security tools to respond to security incidents and events
• Manage a ticket queue and perform work to resolve security tickets associated with security tasks and projects
• Create and perform presentations in support of information security objectives
• Support company audit and compliance initiatives
• Be on call and respond to after-hours security alerts

Qualifications / Characteristics:

• Experience performing threat modeling in a software development environment.
• Experience using code analysis tools.
• Experience with Python, Java, .Net, Rust or other coding languages.
• Experience Jenkins, Puppet
• Experience deploying applications in AWS environments.
• The ability to write, document and articulate complex concepts.
• Experience in planning, researching, and developing security policies, standards, and procedures.
• Experience with NIST, CIS, HIPAA, HiTrust security standards and frameworks.
• Direct experience with anti-virus, end point protection software, intrusion detection, firewalls, and content filtering.
• Experience using SIEM tools to investigate events, threats, and incidents.
• Knowledge of risk assessment tools, technologies, and methods.
• Experience designing secure networks, systems, and application architectures.
• Knowledge of disaster recovery, computer forensic tools, technologies, and methods.
• Ability to communicate network security issues to peers and management.
• Ability to read and use the results of mobile code, malicious code, and anti-virus software.

• Strong understanding of endpoint security solutions to include File Integrity Monitoring and Data Loss Prevention.
• Experience with AWS and Azure security protections, configurations, logging, and monitoring.
• 1-2 years of experience in securing software and mitigating vulnerabilities services security and design.
• 3-5 years of experience in information security.

Preferred Qualifications

• Bachelor's in information technology or Security or equivalent experience
• CISSP or Security++ or similar preferred
• Certifications in AWS Security, AZURE Security, CSA CCSK, CCSM or equivalent experience

#LI-REMOTE

#LI-MW1

About UsMyriad Genetics Inc., is a leading personalized medicine company dedicated to being a trusted advisor transforming patient lives worldwide with pioneering molecular diagnostics. Myriad discovers and commercializes molecular diagnostic tests that: determine the risk of developing disease, accurately diagnose disease, assess the risk of disease progression, and guide treatment decisions across six major medical specialties where molecular diagnostics can significantly improve patient care and lower healthcare costs. Myriad is focused on three strategic imperatives: maintaining leadership in an expanding hereditary cancer market, diversifying its product portfolio through the introduction of new products and increasing the revenue contribution from international markets. For more information on how Myriad is making a difference, please visit the Company's website: www.myriad.com .

WE ARE AN EQUAL OPPORTUNITY EMPLOYER. Applicants and employees are considered for positions and are evaluated without regard to mental or physical disability, race, color, religion, gender,national origin, age, genetic information, military or veteran status, sexual orientation, marital status or any other protected Federal, State/Province or Local status unrelated to the performance of the work involved.

Please answer all questions completely. Please do not provide any information not specifically requested on this Employment Application form.

PI166381985

Apply Here