Application Security Engineer
WFA Digital Insight
As the demand for cybersecurity specialists grows, with a 25% increase in 2025, remote roles like this are highly sought after. Solventum's commitment to innovative healthcare solutions and its legacy of solving complex challenges make this an attractive opportunity for those with a passion for application security. With the healthcare industry being a prime target for cyber threats, professionals with expertise in securing healthcare information systems are in high demand. Before applying, candidates should be aware of the importance of staying updated with the latest security protocols and compliance standards such as HIPAA and GDPR.
Job Description
About the Role
The Application Security Engineer role at Solventum is a critical position focused on enhancing the security of the company's healthcare information systems. As part of a team of cybersecurity professionals, the successful candidate will be motivated to secure Solventum's systems and the personal health information of its clients and their patients. This role involves operating and enhancing application security tool environments, ensuring the highest level of security and compliance.
Day-to-day, the Application Security Engineer will be responsible for a variety of tasks, including the setup and execution of dynamic application security testing (DAST) scans against web applications and APIs. This role requires a strong understanding of cybersecurity principles, particularly in the context of healthcare, where data protection is paramount. The engineer will work closely with development and platform teams to explain DAST findings and remediation expectations, ensuring that all software applications meet security guidelines and compliance standards.
Solventum is a new healthcare company with a long legacy of solving big challenges that improve lives and help healthcare professionals perform at their best. Guided by empathy, insight, and clinical intelligence, the company collaborates with the best minds in healthcare to address its customers' toughest challenges.
What You Will Do
- Operate and enhance application security tool environments to ensure the highest level of security.
- Author automation scripts for recurring tasks, with Python being the preferred language.
- Set up and execute authenticated and unauthenticated dynamic application security testing (DAST) scans against web applications and APIs using approved tools.
- Manage scan scheduling, configuration, and coverage across application security tool environments.
- Tune scanning profiles to reduce false positives and improve detection accuracy.
- Ensure DAST scanning aligns with release cycles and risk-based scanning requirements.
- Validate DAST findings to confirm exploitability and business impact.
- Categorize vulnerabilities using industry standards, such as the OWASP Top 10.
- Prioritize findings based on risk, application criticality, and exposure.
- Eliminate false positives and duplicate findings prior to developer handoff.
- Partner with development and platform teams to explain DAST findings and remediation expectations.
- Track remediation progress and verify fixes through re-scanning or targeted validation.
What We Are Looking For
- A Bachelor's Degree in a relevant field (e.g., Computer Science, Information Technology) and at least 7 years of experience in application security.
- At least 3 years of experience administering, running, and analyzing DAST tools.
- Knowledge and experience with cloud environments, preferably AWS or Azure.
- Familiarity with best practice software security requirements in industry standard compliance programs (e.g., NIST, HITRUST, FedRAMP).
- Experience developing or testing REST APIs.
- Strong understanding of cybersecurity principles and protocols.
- Ability to work independently and as part of a team.
Nice to Have
- Experience with Python scripting.
- Knowledge of additional programming languages.
- Familiarity with Agile development methodologies.
- Experience in a remote work environment.
Benefits and Perks
- The opportunity to work with a company that is at the forefront of healthcare innovation.
- Collaborative and dynamic work environment.
- Professional development opportunities.
- Flexible remote work arrangements.
- Access to the latest cybersecurity tools and technologies.
- Competitive compensation package.
- Comprehensive health insurance.
- Generous PTO policy.
- Remote work stipend.
How to Stand Out
- Ensure your resume highlights specific experiences with DAST tools and application security.
- Be prepared to discuss your understanding of compliance standards such as HIPAA and GDPR during interviews.
- Having a portfolio or examples of your work in application security can significantly enhance your application.
- Familiarize yourself with Solventum's products and services to understand how your role contributes to the company's mission.
- Consider obtaining certifications in cybersecurity or related fields to make your application more competitive.
- When negotiating salary, research the market standard for application security engineers in the healthcare industry to make a strong case for your worth.
This is a remote position listed on WFA Digital, the platform for professionals who work from anywhere.