Staff Security Engineer

We’re building a world of health around every individual — shaping a more connected, convenient and compassionate health experience. At CVS Health®, you’ll be surrounded by passionate colleagues who care deeply, innovate with purpose, hold ourselves accountable and prioritize safety and quality in everything we do. Join us and be part of something bigger – helping to simplify health care one person, one family and one community at a time. Position Summary: CVS Pharmacy, Inc., a CVS Health company, is hiring for the following role in Woonsocket, RI: Staff Security Engineer to be responsible for conducting application and infrastructure penetration tests and red teaming engagements to help strengthen the security of perimeter and internal-facing assets. Conduct advanced penetration tests on web applications, mobile applications, network infrastructure, and cloud environments. Perform regular risk-based and intelligence-led penetration tests on public-facing and perimeter assets. Collaborate with SOC, VM and other stakeholder teams to uncover and verify security weaknesses. Develop, plan and execute detailed Red Teaming engagements. Assist in scoping, executing and peer reviewing prospective change and operational assurance penetration testing engagements. Understand and safely use various penetration testing tools and when appropriate, emulating hacker tactics, techniques, procedures. Participate and contribute on risk assessment and threat modeling sessions to support security initiatives. Develop scripts, tools, or methodologies to enhance CVS’s penetration testing processes. Develop comprehensive and accurate reports and presentations for various consumers of penetration testing results. Keep up with the latest cybersecurity threats, vulnerabilities and trends. Mentor and train junior team members and share knowledge and best practices. Telecommuting available. Multiple positions. Requirements: Bachelor’s degree (or foreign equivalent) in Computer Science, Computer Engineering, Information Technology, Engineering, or a related field and five (5) years of progressive, postbaccalaureate experience in the job offered or related occupation. Requires three (3) years of experience in each of the following:

• IT Information security services, including application penetration testing, Mobile application security assessment, Infrastructure Penetration testing, Vulnerability Assessment and

Network/Server hardening;

• Performing security assessments and review of applications, including documenting technical issues;
• Defining baseline security configuration for operating systems across multiple platforms;
• Management, construction and maintenance of security tools and infrastructure to support

security testing team; Source code review;

• Wireless penetration testing;
• Database Security Assessment; and
• Product Security Review.

Position also requires completion of a university-level course research project, or internship involving the following;

• Data structures and algorithms;
• Computer architecture;
• Software testing and system programming;
• Data warehousing and mining;
• Mobile computing.

Pay Range: $137654.00/year to $213210.00/year. This pay range represents the base hourly rate or base annual full-time salary for all positions in the job grade within which this position falls. The actual base salary offer will depend on a variety of factors including experience, education, geography and other relevant factors. This position is eligible for a CVS Health bonus, commission or short-term incentive program in addition to the base pay range listed above. This position also includes an award target in the company’s equity award program. In addition to your compensation, enjoy the rewards of an organization that puts our heart into caring for our colleagues and our communities. The Company offers a full range of medical, dental, and vision benefits. Eligible employees may enroll in the Company’s 401(k) retirement savings plan, and an Employee Stock Purchase Plan is also available for eligible employees. The Company provides a fully-paid term life insurance plan to eligible employees, and short-term and long term disability benefits. CVS Health also offers numerous well-being programs, education assistance, free development courses, a CVS store discount, and discount programs with participating partners. As for time off, Company employees enjoy Paid Time Off (“PTO”) or vacation pay, as well as paid holidays throughout the calendar year. Number of paid holidays, sick time and other time off are provided consistent with relevant state law and Company policies. Great benefits for great people We take pride in offering a comprehensive and competitive mix of pay and benefits that reflects our commitment to our colleagues and their families. This full‑time position is eligible for a comprehensive benefits package designed to support the physical, emotional, and financial well‑being of colleagues and their families. The benefits for this position include medical, dental, and vision coverage, paid time off, retirement savings options, wellness programs, and other resources, based on eligibility. Additional details about available benefits are provided during the application process and on Benefits Moments. This job does not have an application deadline, as CVS Health accepts applications on an ongoing basis. Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state and local laws.