Job summary

Application Security Engineer

Requirements and responsibilities

3M Health Care is now Solventum

  • Operating and enhancing application security tool environments.
  • Authoring automation scripts for recurring tasks (Python preferred).
  • Set up and execute authenticated and unauthenticated dynamic application security testing (DAST) scans against web applications and APIs using approved tools.
  • Manage scan scheduling, configuration, and coverage across application security tool environments.
  • Tune scanning profiles to reduce false positives and improve detection accuracy.
  • Ensure DAST scanning aligns with release cycles and risk-based scanning requirements.
  • Validate DAST findings to confirm exploitability and business impact.
  • Categorize vulnerabilities using industry standards (e.g., OWASP Top 10).
  • Prioritize findings based on risk, application criticality, and exposure.
  • Eliminate false positives and duplicate findings prior to developer handoff.
  • Partner with development and platform teams to explain DAST findings and remediation expectations.
  • Track remediation progress and verify fixes through re‑scanning or targeted validation.
  • Maintain accurate vulnerability records in enterprise tracking systems.
  • Escalate overdue or high‑risk vulnerabilities in accordance with policy.
  • Working with application teams to validate that software applications meet security guidelines and compliance standards such as HIPAA, SOC II, GDPR, NIST 800-53, FedRAMP, etc.
  • Building solutions that collect and present vulnerability and compliance data to Solventum’s leadership.

Your Skills and Expertise

  • Bachelor’s Degree & 7 years of experience in application security
  • 3 years' experience administering, running, and analyzing DAST tools
  • Knowledgeable about AWS or Azure cloud environments
  • Familiarity with best practice software security requirements in industry standard compliance programs (NIST, HITRUST, FedRAMP, etc.)
  • Experience developing or testing RESTful APIs with an understanding of Postman and/or Swagger files
  • Ability to obtain and maintain a Public Trust clearance

Your Skills and Expertise

  • Experience administering Qualys or Tenable vulnerability management and application security modules
  • Experience in working across multiple teams and disciplines
  • Strong attention to detail and analytical skills.
  • Risk-based prioritization and sound judgment.

Work location:

  • Remote – US Only

Focus (job area): Application Security Engineering
Seniority signal (candidate level): Senior
Stack (main skills): AWS, Azure, Python
Location (eligibility): 1 country accepted