Overview

Since our founding in 1924, we've cut cardiovascular disease deaths in half, but there is still so much more to do. To overcome today’s biggest health challenges and accelerate this progress, we need passionate individuals like you. Join our movement, be part of the progress, and help ensure a healthier future for all. You matter, and so does the impact you can make with us.

The American Heart Association is excited to announce a fantastic opportunity for a Cloud Engineer .

The Application Security Engineer will be responsible for designing, implementing, and managing the security architecture for our applications. This role involves working closely with development teams to ensure that security is integrated into the software development lifecycle (SDLC) and that our applications are protected against potential threats.

The Association offers many resources to help you maintain work-life harmonization through your changing needs and life situations. To help you be successful, you will have access to Heart U, our award-winning corporate university, as well as additional training and support, locally.

Responsibilities

1. Conduct application security assessments to identify vulnerabilities and recommend remediation strategies.
2. Conduct application architecture assessments to ensure proper security controls are in place.
3. Conduct data assessments to ensure encryption, access controls, and other security measures to safeguard data at rest and in transit.
4. Conduct threat modeling sessions with development teams to identify and prioritize security risks.
5. Develop and maintain application security policies, standards, and guidelines.
6. Develop and maintain threat modeling methodologies, tools, and processes to identify potential threats and vulnerabilities in applications and systems.
7. Collaborate with development teams to integrate security into the SDLC, including secure coding practices, threat modeling, and security testing.
8. Implement and manage application security tools such as SAST, DAST, and SCA.
9. Provide training and awareness programs to educate developers on secure coding practices and application security principles.
10. Stay up-to-date with the latest security trends, vulnerabilities, and technologies to ensure our applications are protected against emerging threats.
11. Work with cross-functional teams to ensure that security requirements are met throughout the application lifecycle.

Qualifications

1. Bachelor's degree in Computer Science, Information Security, or a related field.
2. Proven experience in application security, including secure coding practices, threat modeling, and security testing.
3. Strong knowledge of application security tools and technologies such as SAST, DAST, SCA, and WAF.
4. Experience with cloud security and securing applications in cloud environments.
5. Excellent communication and collaboration skills, with the ability to work effectively with development teams and other stakeholders.
6. Relevant certifications such as CSSLP, or CEH are a plus.
7. Experience with DevSecOps and integrating security into CI/CD pipelines.
8. Knowledge of regulatory requirements and industry standards related to application security.
9. Familiarity with common security frameworks and methodologies such as OWASP, NIST, and ISO 27001.

Preferred Qualifications:

1. Knowledge and ability to evaluate and integrate emerging technologies, such as AI/ML, and how they can be used to enhance application security.
2. Experience in application security and penetration testing to identify and validate security vulnerabilities.

Compensation & Benefits

The American Heart Association invests in its people. Here are the main components of our total rewards package. Visit Rewards & Benefits to see more details.

1. Compensation – Our goal is to ensure you have a competitive base salary. That’s why we regularly review the market value of jobs and make adjustments, as needed.
2. Performance and Recognition – You are rewarded for achieving success by merit increases and incentive programs, based on the type of position.
3. Benefits – We offer a wide array of benefits including medical, dental, vision, disability, and life insurance, along with a robust retirement program that includes an employer match and automatic contribution.
4. Professional Development – You can join one of our many Employee Resource Groups (ERG) or be a mentor/mentee in our professional mentoring program.
5. Work-Life Harmonization – The Association offers Paid Time Off (PTO) at a minimum of 16 days per year for new employees. The number of days will increase based on seniority level.
6. Tuition Assistance - We support the career development of all employees. This program provides financial assistance to employees who wish to further their education and career in relation to their current duties and responsibilities, or for potential future positions in the organization.

The American Heart Association’s 2028 Goal: Building on over 100 years of trusted leadership in cardiovascular and brain health, by 2028 the AHA will drive breakthroughs and implement proven solutions in science, policy, and care for healthier people and communities.

At American Heart Association | American Stroke Association, our mission is to be a relentless force for a world of longer, healthier lives, regardless of race, ethnicity, gender, gender identity, religion, age, language, sexual orientation, national origin and physical or cognitive abilities.