This is a contract opportunity. You will be employed by Magnit to work on assignment with GuideWell.

Job description: Cyber Security Engineer - Web Application Security 

We are seeking an experienced Cyber Security Engineer to join our team, with a primary focus on web application security. As a key member of our security team, you will be responsible for designing, implementing, and maintaining the security of our web applications, ensuring the confidentiality, integrity, and availability of our systems and data. Your primary responsibilities will include conducting vulnerability assessments, identifying and remediating security vulnerabilities, and developing and enforcing secure coding practices and standards. You will also work closely with our development teams to ensure that security is integrated into every stage of the software development lifecycle, from design to deployment. Additionally, you will stay current with emerging threats and technologies, and provide guidance and training to development teams on web application security best practices. The ideal candidate will have a strong background in web application security, with experience in languages such as Python, PowerShell or Java and familiarity with security frameworks and tools such as OWASP, Burp Suite, and ZAP.

Essential Functions:
 

• The essential functions listed represent the major duties of this role, additional duties may be assigned.
• Thorough understanding of the OWASP Top 10 and remediation strategies
•  Hands on experience with Python, PowerShell, or Java
• Hands on experience with Microsoft Azure
• Research, evaluation, validation and recommendation of technical security solutions while assisting with Build, Test, and Implementing for the enterprise and its subsidiaries
• Coordinates with product vendors and service providers supporting technical security capabilities and processes
• Manage system/application environment, configuration, policy and required operational activities on assigned technical security solutions
• Monitors, reports on, and enhances performance of assigned technical security solution
• Provides security technology incident response and problem management. Troubleshoots software and/or hardware issues/failures on assigned technical security solutions. Resolves alerts and performs remediation activities as required for return-to-operation.
• Accountable for follow-up of all security work requests including collaborating with other IT areas to ensure timely completion/resolution and obtainment of appropriate approval levels.
• Supports escalations, known issues and out of cycle requests on multiple security solutions for the enterprise and its subsidiaries
• Supports the development and maintenance of operational documentation for technical security solutions (e.g. procedures, engineering diagrams, knowledgebase, etc.).
• Collects, analyzes, synthesizes and presents data on technical security solutions and processes to peers, leadership and business stakeholders
• Assists the migration, upgrade and disposal of complex security capabilities and evaluates risks and impacts
• Collaborates with other business areas to deliver on work group initiatives for the enterprise and its subsidiaries
• Assists with developing continuous testing and validation of product performance and gap analysis for continuous security hardening processes
• Assists execution and alignment to security reference architecture standards and published blueprints.
• Assists Disaster Recovery planning, design, implementation and exercises on security technology solutions
• Assists remediation actions as a result of threat and vulnerability assessments or audits
• Provide training to others on security capabilities, processes, procedures and operational task
   

Additional Required Qualifications

• Basic knowledge of TCP/IP networking preferred
• Capacity to work independently and willingness to seek advice/assistance.
• Basic understanding of security concepts and controls for network, application, and operating systems.
• Ability to troubleshoot and investigate security related issues and having experience or knowledge with vulnerability and patch management.
• Strong technical, analytical, and administrative skills
•  Strong corporate work ethics.
• Strong Documentation and Review Skills to ensure “We say what we do and do what we say”
• Have strong problem-solving skills.
• Maintain a positive attitude.
• Are professionals and possess excellent interpersonal and written communication skills.
• Are passionate about technology.
• Have the desire and ability to learn new things fast.
• Strong Solutioning Skills to help facilitate new technology gap
• Want to be part of an efficient and effective team.
• Display an ownership attitude and drive initiatives to completion
• Are a team player that recognizes the bigger picture and understands the value of teamwork.
   

Required Work Experience:
4+ years related work experience
2+ years in Cybersecurity
2+ years Information Technology Infrastructure

Required Education:
Related Bachelor’s degree or additional related equivalent work experience

Required Licenses and Certifications :
Cybersecurity Engineer Defense and Threat Operations: SSCP
Cybersecurity Engineer Enterprise Cybersecurity Services: SSCP

Additional Preferred Qualifications:
Exposure to Project Management methodologies like Waterfall, Agile, Lean or SAFe methodologies

GuideWell and its family of companies has partnered with Magnit as its Managed Service Provider (MSP) and Employer of Record (EOR) since 2018. In May of 2025, GuideWell joined Magnit Direct Source to implement the GuideWell Contractor Cohort. This program is designed to create, manage and curate a contractor talent pool for temporary contract opportunities with GuideWell. As a contractor working on temporary assignment with GuideWell, you'll be employed by Magnit. You'll have the opportunity to work on temporary projects at GuideWell companies that make a real difference in people's lives while enjoying the benefits of being part of the Magnit team.