This is a contract opportunity. You will be employed by Magnit to work on assignment with GuideWell.
Job description: Cybersecurity Engineer - Application Security
We are seeking an experienced Cyber Security Engineer to join our team, responsible for ensuring the security of our applications and APIs. This role will focus on collaborating with cross functional teams, including developers, UI developers, and API developers, to identify and remediate security vulnerabilities. The ideal candidate will have expertise in API security, UI security, as well as secure coding practices, with the ability to balance security with business needs and enable rapid and secure deployment of applications.
Essential Functions
- Collaborate with developers throughout the software development lifecycle to ensure security best practices are integrated into application design and development
- Review scan findings and work with developers to remediate security vulnerabilities and implement fixes within their applications
- Work with application owners to enable single sign on via standards such as SAML or OAuth
- Work with application owners to manage access control via conditional access policies
- Partner with developers to ensure secure coding practices and mitigate security risks
- Provide security guidance and recommendations to development teams to ensure compliance with security standards and regulations
- Develop and maintain security documentation, including threat models, risk assessments, and security requirements
- Stay current with emerging security threats and technologies, applying this knowledge to improve our overall security posture
- Enable the business to rapidly and securely deploy applications balancing security with business needs
Additional Required Qualifications
- 4+ years of experience in cyber security, with a focus on secure development and deployment
- Strong understanding of secure coding practices, threat modeling, and risk assessment
- Experience with Azure / EntraID
- Experience with Single Sign On using SAML or OAuth
- Experience with security tools such as Postman, Burp Suite, etc. and vulnerability management
- Experience with scripting languages such as PowerShell or Python
- Excellent communication and collaboration skills, with the ability to work with technical and non-technical stakeholders
- Strong problem-solving skills, with the ability to analyze complex security issues and develop effective solutions
- Familiarity with API security frameworks and protocols (OAuth, JWT), as well as UI development frameworks and tools
Required Work Experience:
- 4+ years related work experience
- 2+ years in Cybersecurity
- 2+ years Information Technology Infrastructure
Required Education:
- Related bachelor’s degree or additional related equivalent work experience
Required Licenses and Certifications (required within 180 days of FT hire):
- Cybersecurity Engineer Defense and Threat Operations: SSCP
- Cybersecurity Engineer Enterprise Cybersecurity Services: SSCP
Preferred Qualifications:
- Experience with the OWASP Top 10 and remediation strategies
- Experience with the creation of both technical and non-technical documentation
- Experience with agile development methodologies
- Experience with CI/CD pipelines and tools such as Jenkins
Comments for Suppliers: Must have scripting experience. Must have Azure experience, preferably EntraID. Must be familiar with OWASP top 10.
GuideWell and its family of companies has partnered with Magnit as its Managed Service Provider (MSP) and Employer of Record (EOR) since 2018. In May of 2025, GuideWell joined Magnit Direct Source to implement the GuideWell Contractor Cohort. This program is designed to create, manage and curate a contractor talent pool for temporary contract opportunities with GuideWell. As a contractor working on temporary assignment with GuideWell, you'll be employed by Magnit. You'll have the opportunity to work on temporary projects at GuideWell companies that make a real difference in people's lives while enjoying the benefits of being part of the Magnit team.
