Cybersecurity Engineer – Application Security Enablement

LabcorpLabcorp·Remote(United States)
Cybersecurity

WFA Digital Insight

Demand for cybersecurity specialists has surged 25% in the past year, driven by the rise of remote work and digital threats. With Labcorp's commitment to innovation, this role stands out in the current market. As a Cybersecurity Engineer, you'll be at the forefront of securing modern application architectures. Candidates should be well-versed in industry best practices like OWASP and NIST, as well as emerging trends in cloud-native and AI-enabled applications. Before applying, consider how your skills align with Labcorp's focus on secure-by-design principles and cross-functional collaboration.

Job Description

About the Role

As a Cybersecurity Engineer – Application Security Enablement at Labcorp, you will play a critical role in defining and implementing secure development standards and patterns for modern application architectures. This includes web, API, and microservices, with a focus on industry best practices such as OWASP and broader frameworks like NIST and CIS Controls. Your expertise will guide the development of reusable patterns for common application scenarios, ensuring that security is integrated from the outset.

The position requires collaboration with engineers and architects during design discussions to provide guidance on secure application architecture and design decisions. This is a full-time, exempt role with a hybrid schedule for those within 35 miles of Burlington, NC, or Durham, NC, including a minimum of three in-office days per week.

Labcorp's commitment to cybersecurity is reflected in its comprehensive approach to risk management and mitigation. As a key member of the cybersecurity team, you will contribute to the creation of machine-consumable security patterns, support the integration of authentication and authorization patterns, and promote secure-by-design principles.

What You Will Do

  • Define and document secure development standards and patterns for modern application architectures
  • Develop reusable patterns for common application scenarios such as secure APIs and service-to-service communication
  • Translate complex security risks into clear, developer-focused guidance
  • Collaborate with engineers and architects to provide guidance on secure application architecture and design decisions
  • Identify common security pitfalls early in the lifecycle and provide guidance on secure integration and data protection patterns
  • Support the integration of authentication and authorization patterns within application architecture
  • Ensure secure implementation of protocols such as OAuth 2.0, OIDC, and SAML
  • Align application security practices with identity and access management, identity governance, and privileged access management solutions
  • Partner with various teams to provide application security guidance and support risk mitigation
  • Engage with Enterprise Architecture teams to influence secure design decisions
  • Support data protection initiatives by ensuring appropriate controls for sensitive data handling and exposure mitigation

What We Are Looking For

  • High school diploma with 12 or more years of experience in application security, secure software development, or cybersecurity engineering
  • Alternatively, an associate degree with relevant experience
  • Strong understanding of industry best practices such as OWASP, NIST, and CIS Controls
  • Experience with modern application architectures, including web, API, and microservices
  • Ability to develop and document secure development standards and patterns
  • Excellent collaboration and communication skills
  • Knowledge of authentication and authorization protocols
  • Experience with cloud-native, API-first, distributed, and AI-enabled applications
  • Familiarity with machine-consumable security patterns and automated development tools

Nice to Have

  • Experience with security information and event management (SIEM) systems
  • Knowledge of containerization technologies such as Docker
  • Familiarity with agile development methodologies
  • Certification in cybersecurity or a related field

Benefits and Perks

  • Competitive salary
  • Comprehensive health insurance
  • Retirement savings plan
  • Paid time off and holidays
  • Remote work stipend
  • Opportunities for professional development and growth
  • Collaborative and dynamic work environment
  • Access to cutting-edge technologies and tools
  • Recognition and reward for outstanding performance

How to Stand Out

  • Ensure your portfolio includes examples of secure development standards and patterns you've developed or contributed to.
  • Prepare to discuss your understanding of industry best practices like OWASP and NIST, and how you apply them in real-world scenarios.
  • Highlight any experience with cloud-native applications and AI-enabled development tools.
  • Be ready to walk the interviewer through your process for identifying and mitigating common security pitfalls in application development.
  • Consider researching Labcorp's current projects and initiatives to show your interest and how your skills can contribute to the company's success.
  • Don't hesitate to ask about the company's approach to continuous learning and professional development, as this can indicate their investment in your growth as a cybersecurity professional.

This is a remote position listed on WFA Digital, the platform for professionals who work from anywhere. Browse more remote jobs across all categories.