[Remote] Application Security Engineer
Note: This is a remote job open to candidates in the USA.

Solventum is a new healthcare company focused on improving lives through innovative solutions. They are looking for an Application Security Engineer to enhance the security of their healthcare information systems and manage vulnerabilities in applications, ensuring compliance with industry standards.

Responsibilities
- Operating and enhancing application security tool environments
- Authoring automation scripts for recurring tasks (Python preferred)
- Set up and execute authenticated and unauthenticated dynamic application security testing (DAST) scans against web applications and APIs using approved tools
- Manage scan scheduling, configuration, and coverage across application security tool environments
- Tune scanning profiles to reduce false positives and improve detection accuracy
- Ensure DAST scanning aligns with release cycles and risk-based scanning requirements
- Validate DAST findings to confirm exploitability and business impact
- Categorize vulnerabilities using industry standards (e.g., OWASP Top 10)
- Prioritize findings based on risk, application criticality, and exposure
- Eliminate false positives and duplicate findings prior to developer handoff
- Partner with development and platform teams to explain DAST findings and remediation expectations
- Track remediation progress and verify fixes through re-scanning or targeted validation
- Maintain accurate vulnerability records in enterprise tracking systems
- Escalate overdue or high-risk vulnerabilities in accordance with policy
- Working with application teams to validate that software applications meet security guidelines and compliance standards such as HIPAA, SOC II, GDPR, NIST 800-53, FedRAMP, etc.
- Building solutions that collect and present vulnerability and compliance data to Solventum's leadership

Skills
- Bachelor's Degree & 7 years of experience in application security
- 3 years' experience administering, running, and analyzing DAST tools
- Knowledgeable about AWS or Azure cloud environments
- Familiarity with best practice software security requirements in industry standard compliance programs (NIST, HITRUST, FedRAMP, etc.)
- Experience developing or testing RESTful APIs with an understanding of Postman and/or Swagger files
- Ability to obtain and maintain a Public Trust clearance
- Experience administering Qualys or Tenable vulnerability management and application security modules
- Experience in working across multiple teams and disciplines
- Strong attention to detail and analytical skills
- Risk-based prioritization and sound judgment

Benefits
- Medical, Dental & Vision
- Health Savings Accounts
- Health Care & Dependent Care Flexible Spending Accounts
- Disability Benefits
- Life Insurance
- Voluntary Benefits
- Paid Absences and Retirement Benefits

Travel arrangements and related expenses will be coordinated and paid for by the company in accordance with its travel policy. Applies to new hires with a start date of October 1st 2025 or later.

Company Overview
Solventum creates innovative products and services that enable better, smarter, safer healthcare to improve lives. It was founded in 2023, and is headquartered in Minnesota City, Minnesota, USA, with a workforce of 10001+ employees. Its website is https://www.solventum.com/en-us.