Code Scanning Developer

Summary

• We are seeking a detail-oriented and security-focused professional to join our team as a Senior Professional Application Designer. The ideal candidate will be responsible for performing code and application security scans using industry-leading tools such as Snyk and Invicti, identifying vulnerabilities, and working closely with development teams to remediate issues and improve overall security posture.This role is strictly involved in the development of the product and does not involve access to Protected Health Information (PHI) & Personally Identifiable Information (PII) or any secured/confidential client data. The work is limited to application development and does not include handling or processing of sensitive health information.

Your role in our mission

•    Conduct static and dynamic application security scans using tools like Snyk (for open-source and container vulnerabilities) and Invicti (for web application security testing).
•    Analyze scan results, prioritize vulnerabilities based on risk, and provide actionable remediation guidance to development teams.
•    Integrate security scanning tools into CI/CD pipelines to enable automated and continuous security testing.
•    Collaborate with developers, DevOps, and QA teams to ensure secure coding practices and timely resolution of identified issues.
•    Monitor and track remediation progress and validate fixes through re-scanning.
•    Maintain and update security scanning configurations and policies to align with evolving threat landscapes and compliance requirements.
•    Generate detailed reports and dashboards to communicate security findings and trends to stakeholders.
•    Stay current with the latest security threats, vulnerabilities, and mitigation techniques.
•    This role is strictly involved in the development of the product and does not involve access to Protected Health Information (PHI) & Personally Identifiable Information (PII) or any secured/confidential client data. The work is limited to application development and does not include handling or processing of sensitive health information.

What we're looking for

• •    7+ years of IT experience 
  •    Hands-on experience with Snyk, Invicti, or similar security scanning tools.
  •    Experience with programming languages such as Java, Python, React, Node, Typescript JavaScript
  •    Strong understanding of application security principles and OWASP Top 10.
  •    Familiarity with CI/CD tools and automation processes (e.g., Jenkins, GitLab CI, Azure DevOps).
  •    Proficiency in interpreting and communicating scan results effectively.
  •    Familiarity with reporting tools and formats (e.g., PDF, HTML, Excel, dashboards).
  •    Knowledge of secure coding practices and vulnerability remediation techniques.
  •    Knowledge of Issue tracking tools such as JIRA, ServiceNow

What you should expect in this role

• •    Work from Office 
  •    Willingness to work for overlapping US work hours.