About Us

Zelis is modernizing the healthcare financial experience in the United States (U.S.) across payers, providers, and healthcare consumers. We serve more than 750 payers, including the top five national health plans, regional health plans, TPAs and millions of healthcare providers and consumers across our platform of solutions. Zelis sees across the system to identify, optimize, and solve problems holistically with technology built by healthcare experts – driving real, measurable results for clients.

Why We Do What We Do

In the U.S., consumers, payers, and providers face significant challenges throughout the healthcare financial journey. Zelis helps streamline the process by offering solutions that improve transparency, efficiency, and communication among all parties involved. By addressing the obstacles that patients face in accessing care, navigating the intricacies of insurance claims, and the logistical challenges healthcare providers encounter with processing payments, Zelis aims to create a more seamless and effective healthcare financial system.

Zelis India plays a crucial role in this mission by supporting various initiatives that enhance the healthcare financial experience. The local team contributes to the development and implementation of innovative solutions, ensuring that technology and processes are optimized for efficiency and effectiveness. Beyond operational expertise, Zelis India cultivates a collaborative work culture, leadership development, and global exposure, creating a dynamic environment for professional growth. With hybrid work flexibility, comprehensive healthcare benefits, financial wellness programs, and cultural celebrations, we foster a holistic workplace experience. Additionally, the team plays a vital role in maintaining high standards of service delivery and contributes to Zelis’ award-winning culture.

Position Overview

The position will report to the Head of Application Security and work in collaboration with the application development teams. The position will be accountable for application security testing of corporate built applications, including but not limited to DAST, SAST, SCA, security unit testing, and security functional testing. The individual will be directly responsible for DAST, SAST, and SCA. The individual will partner with the application development and testing teams to assist with security unit testing and functional unit testing based on security requirements.

Title

Application Security Tester

Overview

The position will report to the Head of Application Security and work in collaboration with the application development teams. The position will be accountable for application security testing of corporate built applications, including but not limited to DAST, SAST, SCA, security unit testing, and security functional testing. The individual will be directly responsible for DAST, SAST, and SCA. The individual will partner with the application development and testing teams to assist with security unit testing and functional unit testing based on security requirements.

Job Responsibilities

• Oversee security testing activities to measure the effectiveness of security controls, including penetration testing, vulnerability scanning, and security assessments.

• Ensure application security testing findings are recorded in defect tracking systems.

• Provide guidance to application development and testing teams to build unit and functional test cases to validate, including penetration testing, vulnerability scanning, and security assessments requirements.

• Perform security code reviews to identify and remediate security vulnerabilities in application code. Look for common security flaws such as injection attacks, cross-site scripting (XSS), and insecure configurations.

• Provide guidance and training to development teams on secure coding practices, security principles, and relevant security tools and technologies.

• Evaluate and implement security tools and automation solutions to enhance the security posture of applications and streamline security processes.

Qualifications

Required

· Bachelor’s degree in cyber security (or) related degree and experience.

· Five or more years’ experience in Cyber Security.

· Two or more years’ experience in SAST or DAST testing tools.

· Two or more years’ experience in vulnerability scanning tools.

· Understanding of API and Web security vulnerabilities.

· Familiarity with OWASP Top 10 API, Web and Mobile Application Security Risks.

· Strong verbal and written communications skills.

· Strong Customer service skills.

· Experience working with application security testing tools (e.g., Burp Suite ZAP, or similar).

Preferred

· Experience in unit testing.

· Experience in functional testing.

· Experience with software testing automation.

· Experience with WAF.

· Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or GIAC Penetration Tester (GPEN) or other relevant certifications.

· Familiarity with regulatory controls and industry best practices such as HIPAA, PCI, CIS, HiTrust, ISO 27001, NIST, etc.)

Commitment to Diversity, Equity, Inclusion, and Belonging

At Zelis, we champion diversity, equity, inclusion, and belonging in all aspects of our operations. We embrace the power of diversity and create an environment where people can bring their authentic and best selves to work. We know that a sense of belonging is key not only to your success at Zelis, but also to your ability to bring your best each day.

Equal Employment Opportunity

Zelis is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

Accessibility Support

We are dedicated to ensuring our application process is accessible to all candidates. If you are a qualified individual with a disability and require reasonable accommodation with any part of the application and/or interview process, please email talentacquisition@zelis.com.