Solventum
Application Security Engineer
Rol remoto de Application Security Engineering con fit claro de ubicación del candidato.
Publicado3 jul 2026
Países elegibles1 país aceptado
Señal de senioritySenior
Modelo de trabajoRemoto
Ubicaciones aceptadas para candidatos
Estados Unidos
Resumen del rol
Application Security Engineer
Requisitos y responsabilidades
Contenido del rol extraído en secciones para revisar más rápido.
3M Health Care is now Solventum
- Operating and enhancing application security tool environments.
- Authoring automation scripts for reoccurring tasks (Python preferred)
- Setup and execute authenticated and unauthenticated dynamic application security testing (DAST) scans against web applications and APIs using approved tools.
- Manage scan scheduling, configuration, and coverage across application security tool environments.
- Tune scanning profiles to reduce false positives and improve detection accuracy.
- Ensure DAST scanning aligns with release cycles and risk-based scanning requirements
- Validate DAST findings to confirm exploitability and business impact.
- Categorize vulnerabilities using industry standards (e.g., OWASP Top 10).
- Prioritize findings based on risk, application criticality, and exposure.
- Eliminate false positives and duplicate findings prior to developer handoff.
- Partner with development and platform teams to explain DAST findings and remediation expectations.
- Track remediation progress and verify fixes through re‑scanning or targeted validation.
- Maintain accurate vulnerability records in enterprise tracking systems.
- Escalate overdue or high‑risk vulnerabilities in accordance with policy.
- Working with application teams to validate that software applications meet security guidelines and compliance standards such as HIPPA, SOC II, GDPR, NIST 800-53, FedRAMP, etc.
- Building solutions that collect and present vulnerability and compliance data to Solventum’s leadership.
Your Skills and Expertise
- Bachelor’s Degree & 7 years of experience application security
- 3 years' experience administering, running, and analyzing DAST tools
- Knowledgeable with AWS or Azure cloud environments
- Familiarity with best practice software security requirements in industry standard compliance programs (NIST, HITRUST, FedRAMP, etc.)
- Experience developing or testing RESTful APIs with an understanding of Postman and/or Swagger files
- Ability to obtain and maintain a Public Trust clearance
Your Skills and Expertise
- Experience administering Qualys or Tenable vulnerability management and application security modules
- Experience in working across multiple teams and disciplines
- Strong attention to detail and analytical skills.
- Risk-based prioritization and sound judgment.
Work location:
- Remote – US Only
Roles similares
Mantén una lista de respaldo.
Stack
Usa estas tags para comparar roles remotos similares.
Elegibilidad de ubicación
Candidatos deberían aplicar solo cuando el país del perfil aparece aquí.
Tu perfilPaís no definidoInicia sesión para comparar tu país con este rol.
Flujo de contratación
WithMira muestra el rol y luego envía candidatos a la aplicación de la empresa.
1Revisa fit del rol, stack y elegibilidad de ubicación en WithMira.
2Abre la página de aplicación de la empresa desde el link rastreado.
3Guarda el rol o suscríbete a oportunidades similares antes de salir.