Solventum
Application Security Engineer
Vaga remota de Application Security Engineering com fit claro de localização do candidato.
Publicada3 de jul. de 2026
Países elegíveis1 país aceito
Sinal de senioridadeSenior
Modelo de trabalhoRemoto
Locais aceitos para candidatos
Estados Unidos
Resumo da vaga
Application Security Engineer
Requisitos e responsabilidades
Conteúdo da vaga extraído em seções para revisão mais rápida.
3M Health Care is now Solventum
- Operating and enhancing application security tool environments.
- Authoring automation scripts for reoccurring tasks (Python preferred)
- Setup and execute authenticated and unauthenticated dynamic application security testing (DAST) scans against web applications and APIs using approved tools.
- Manage scan scheduling, configuration, and coverage across application security tool environments.
- Tune scanning profiles to reduce false positives and improve detection accuracy.
- Ensure DAST scanning aligns with release cycles and risk-based scanning requirements
- Validate DAST findings to confirm exploitability and business impact.
- Categorize vulnerabilities using industry standards (e.g., OWASP Top 10).
- Prioritize findings based on risk, application criticality, and exposure.
- Eliminate false positives and duplicate findings prior to developer handoff.
- Partner with development and platform teams to explain DAST findings and remediation expectations.
- Track remediation progress and verify fixes through re‑scanning or targeted validation.
- Maintain accurate vulnerability records in enterprise tracking systems.
- Escalate overdue or high‑risk vulnerabilities in accordance with policy.
- Working with application teams to validate that software applications meet security guidelines and compliance standards such as HIPPA, SOC II, GDPR, NIST 800-53, FedRAMP, etc.
- Building solutions that collect and present vulnerability and compliance data to Solventum’s leadership.
Your Skills and Expertise
- Bachelor’s Degree & 7 years of experience application security
- 3 years' experience administering, running, and analyzing DAST tools
- Knowledgeable with AWS or Azure cloud environments
- Familiarity with best practice software security requirements in industry standard compliance programs (NIST, HITRUST, FedRAMP, etc.)
- Experience developing or testing RESTful APIs with an understanding of Postman and/or Swagger files
- Ability to obtain and maintain a Public Trust clearance
Your Skills and Expertise
- Experience administering Qualys or Tenable vulnerability management and application security modules
- Experience in working across multiple teams and disciplines
- Strong attention to detail and analytical skills.
- Risk-based prioritization and sound judgment.
Work location:
- Remote – US Only
Vagas similares
Mantenha uma lista reserva.
Stack
Use estas tags para comparar vagas remotas similares.
Elegibilidade de localização
Candidatos devem aplicar apenas quando o país do perfil estiver listado aqui.
Seu perfilPaís não definidoEntre para comparar seu país com esta vaga.
Fluxo de contratação
O WithMira mostra a vaga e depois envia candidatos para a aplicação da empresa.
1Confira fit da vaga, stack e elegibilidade de localização no WithMira.
2Abra a página de aplicação da empresa pelo link rastreado.
3Salve a vaga ou assine oportunidades similares antes de sair.