Staff Security Engineer - CVS Health

Key Responsibilities

• Design, execute, and report on comprehensive application and infrastructure penetration tests, identifying critical vulnerabilities and recommending remediation.
• Lead red‑team engagements to simulate advanced adversary tactics, techniques, and procedures against enterprise systems.
• Collaborate with development, operations, and security teams to integrate findings into secure design and deployment pipelines.
• Develop and maintain security testing frameworks, tools, and playbooks to streamline assessment processes.
• Provide subject‑matter expertise on threat modeling, secure architecture, and risk assessment for new initiatives.

Requirements

• 5+ years of hands‑on experience in penetration testing, red teaming, and application security.
• Proficiency with industry tools such as Burp Suite, Metasploit, Nmap, and custom scripting (Python, PowerShell).
• Strong understanding of network protocols, cloud security (AWS, Azure), and secure coding practices.
• Excellent communication skills, able to translate technical findings into actionable business recommendations.
• Relevant certifications (OSCP, GPEN, GCIH, or equivalent) preferred.