Senior Application Security Engineer

2 days ago

🇺🇸 United States – Remote

🦞 Maine – Remote

Although this job is listed in Maine, this company may be open to hiring remote in other states.

🏈 Ohio – Remote

Although this job is listed in Ohio, this company may be open to hiring remote in other states.

+1 more states

🦞 Maine – Remote 🏈 Ohio – Remote 🌴 South Carolina – Remote

💵 $102.4k - $190.1k / year

⏰ Full Time

🟠 Senior

👮‍♂️ Security Engineer

🦅 H1B Visa Sponsor

Apply Now

Receive Emails with Similar Jobs

Covetrus

WebsiteLinkedInAll Job Openings

5001 - 10000 employees

Founded 2018

⚕️ Healthcare Insurance

☁️ SaaS

🤝 B2B

💰 Seed Round on 2021-01

Description

• As a member of the Application Security team you will contribute to the culture and processes involved in securing the software development lifecycle. • You will work closely with development teams to ensure the security of the software solutions they create and maintain. • You will collaborate with stakeholders across the business including engineering, quality, project management, IT, and DevOps. • You will review and threat model designs, perform secure code reviews, automate security testing, analyze potential risks, and guide teams to avoid or mitigate items; ensuring software solutions protect Covetrus, our partners, and the pet parents who utilize our solutions. • Partner with product leaders to continually improve their security processes. • Review feature designs providing security assessments, guidance on implementation best practices, and threat modelling of potential risks. • Participate in architectural design reviews providing secure best practices and guidance for individual components and infrastructure patterns. • Integrate new security test automations into build and release processes. • Expand existing automation rules and patterns to identify and prevent potential vulnerabilities. • Perform secure code reviews, leading engineering teams on resolution of discoveries. • Assist in training teams on application security principles. • Assist teams in reproducing and triaging application security vulnerabilities. • Establish and maintain documentation including mitigation guidance for specific vulnerabilities, risks, and project specific standards. • Verify security control implementations through manual penetration testing and various available security tools.

Requirements

• Bachelor’s degree in relevant field of study, or equivalent work experience. • 7+ years of experience in development, quality assurance, DevOps, or application security. • Expert knowledge of web application and cloud infrastructure vulnerabilities and ability to work with engineering and product teams to understand and protect against those vulnerabilities. • Proficiency with security controls, vulnerability assessments, and risk management methodologies. • Strong understanding of application security principles and how to defend against their abuse. • Experience with application security tools (SAST, DAST, SCA/SBOM, container analysis, infrastructure configuration management). • Experience identifying security issues through code review. • Familiarity with C#, Java, Python, React, Angular, AWS, OAuth2, Kubernetes, microservice architecture, CQRS, GraphQL.

Benefits

• 401k savings & company match • Paid time off • Paid holidays • Maternity leave • Parental leave • Military leave • Other leaves of absence • Health, dental, and vision benefits • Health savings accounts • Flexible spending accounts • Life & disability benefits​ • Identity theft protection • Pet insurance • Certain positions may include eligibility for a short term incentive plan