Application Security Manager

Job#: 3038233

Job Description:
Apex Systems is currently seeking an Application Security Manager. If you are interested:

Please reach out to Evan Meltsakos at with your resume and a brief introduction to get the conversation started.

Title: Application Security Manager

Location: 1 Enterprise Drive, Quincy, MA (Hybrid)

Term: 12 + months

Pay: $64.29/hr

Executive Office of Health and Human services is looking for a Security manager who will be responsible for ensuring the security of the company's infrastructure, networks, data and applications. Application Security manager will ensure that applications and services of an organization are secured and implemented with best security practices following the organization's governance model.

JOB DUTIES (Detailed Statement of Duties and Responsibilities):

Implement Data Security Management and Operation models.

Establish various security compliance standards including (but not limited to) NIST(National Institute of Standards and Technology), FIPS(Federal Information Processing Standards), FedRAMP(Federal Risk and Authorization Management Program)

Engage with agency Privacy and Security office teams to exchange Compliance reports and obtain approvals as necessary.

Involve with auditors as necessary to provide compliance reports as requested and implement mitigation steps as required.

Implement process and tools for application vulnerability testing(SAST/DAST).

Establish and manage a vulnerability management including coordination of penetration testing and ongoing vulnerability remediation, tracking, and security compliance reporting.

Setup requirements for penetration testing and engage with vendors and agencies to perform/report pen tests.

Setup infrastructure audits and reports with the help of system admins and vendors as necessary.

Maintaining the system integrity and security by following the industry standard IT Controls

Implement automation of systems administration and software migration for QA and Production

Develop relationships with QA and application teams to establish quality and application compliance based on Organization standards.

Provide architecture and configuration recommendations to ensure hosted/deployed environments are security and best practices compliant.

Provide technical assistance/recommendations to agency users and other agency personnel throughout the Commonwealth.

Evaluate security and audit tools and support them as necessary.

Identify and successfully troubleshoot problems in all environments and work across teams to ensure problems get resolved in a timely manner

Available for off-hour incidents and provide 24x7 on-call production support on a rotation basis

Provide training to teams on security and compliance as necessary

Work towards continuous process improvements.

REQUIRED SKILLS (Special Skill Set, Abilities, Knowledge):

In-depth knowledge and experience working with common regulatory framework applications related to data security, including HIPAA, HITRUST, - General Data Protection Regulation (GDPR), National Institute of Standards & Technology (NIST) standards, and similar constructs are highly desired.

Previous knowledge and experience in designing and architecting information technology and security controls across complex and diverse networks, applications, and infrastructures are strongly preferred.

Technical aptitude, critical thinking skills, and the ability to think outside the box.

Demonstrated ability to solve complex information security problems, observe security risks and weaknesses, and provide security recommendations to the respective project and delivery teams.

Ability to translate technical risk issues to business leaders and upper management. Excellent verbal, written, and interpersonal communication skills.

Detail-oriented and value teamwork.

Ability to resolve problems as they arise and handle situations expediently.

Must be able to work a flexible schedule according to business needs, including evenings, weekends, and holidays.

QUALIFICATIONS (Education, Years' Experience, Certificates):

10+ years of IT experience with at least 5+ years as a Security Manager/officer.

Bachelor's degree in Information Technology or computer science or related field or equivalent experience.

Preferred: AWS security and compliance. Security certifications, e.g., CISSP, CISA, CISM, CCSP.

Everforth Apex is a world-class IT services company that serves thousands of clients across the globe. When you join Everforth Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRateds Best of Staffing in Talent Satisfaction in the United States and Great Place to Work in the United Kingdom and Mexico.

Everforth Apex uses a virtual recruiter as part of the application process. Click for more details. By applying for this job, you agree to receive calls, AI-generated calls, text messages, or emails from Everforth Apex and its affiliates, and contracted partners. Frequency varies for text messages. Message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You can reply STOP to cancel and HELP for help. You can access our privacy policy at

Everforth Apex Benefits Overview: Everforth Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a 401K program which allows you to contribute typically within 30 days of starting, with a company match after 12 months of tenure. Everforth Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Everforth Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Everforth Apex has a dedicated customer service team for our Consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our 'Welcome Packet' as well, which an Everforth Apex team member can provide.

Everforth Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Everforth Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law.

If you require an accommodation under the Americans with Disabilities Act to participate in an interview with a virtual recruiter or to use our website for a search or application, please contact our Benefits Department at or . Please note that this contact information is strictly to be used for medical ADA accommodations and that no other inquiries will be answered.

UnitedHealthcare creates and publishes the Transparency in Coverage Machine-Readable Files on behalf of Everforth Apex Systems.