What are the responsibilities and job description for the Junior Software Engineer – Application Security position at Jobright.ai?
Verified Job On Employer Career Site
Job Summary:
Vertafore is a leading technology company advancing the insurance industry through innovative software solutions. As a Software Engineer II – Application Security, you will ensure product security by collaborating with teams, assisting in vulnerability remediation, and promoting secure coding practices within the organization.
Responsibilities:
• Ensures our applications meet internal security standards and SSDLC (Secure Software Development Lifecycle) best practices.
• Develops new features and maintains existing features of our internal security tooling.
• Participates in threat modeling exercises with application development teams.
• Monitors results of dynamic, static, and dependency vulnerability scans.
• Research security findings to assist in determination of validity.
• Supports application development teams in the remediation of vulnerabilities.
• Provides technical training on secure coding and ongoing guidance to application developers.
• Conducts technical research on vulnerable third-party libraries and provides recommendations for resolution.
• Monitors evolving security threats, escalating when necessary.
• Stay current on application security trends and practices.
• Promotes a culture of secure coding best practices.
• Creates artifacts/documents that are valuable to the team.
• Writes well-designed, testable code.
• Participates in code reviews, both of your own code and as a reviewer.
• Mentors and inspires others to raise the bar for everyone around them.
Qualifications:
Required:
• Bachelor’s degree in Computer Science (or related technical field) or equivalent practical experience.
• 2-3 years of professional experience with Java or .NET and common frameworks.
• Experience in or a strong desire to pursue an application security role.
• Experience with JavaScript and Angular, React.js, or similar.
• Experience working in an Agile environment required.
• Knowledge of secure coding best practices.
• Ensures our applications meet internal security standards and SSDLC (Secure Software Development Lifecycle) best practices.
• Develops new features and maintains existing features of our internal security tooling.
• Participates in threat modeling exercises with application development teams.
• Monitors results of dynamic, static, and dependency vulnerability scans.
• Research security findings to assist in determination of validity.
• Supports application development teams in the remediation of vulnerabilities.
• Provides technical training on secure coding and ongoing guidance to application developers.
• Conducts technical research on vulnerable third-party libraries and provides recommendations for resolution.
• Monitors evolving security threats, escalating when necessary.
• Stay current on application security trends and practices.
• Promotes a culture of secure coding best practices.
• Creates artifacts/documents that are valuable to the team.
• Writes well-designed, testable code.
• Participates in code reviews, both of your own code and as a reviewer.
• Mentors and inspires others to raise the bar for everyone around them.
• Has a solid understanding of the OWASP Top 10.
• Adheres to security standards and internal security SLAs.
• Cares about and knows what it means to ship secure code; able to define and adhere to secure coding standards.
• Able to investigate security issues and provide solutions for remediation or mitigation.
• Proficient with relevant security tools and technologies used to identify and resolve application security issues.
• Can independently frame problems and perform relevant research.
• Collaborates with peers to design pragmatic solutions.
• Operates best in a fast-paced, flexible work environment.
• Effective communication (written and verbal) and interpersonal skills.
• Problem solver with strong analytical and critical thinking skills.
• An innate curiosity about how things work; proactively acquires new skills and learns new tools and technologies to troubleshoot issues.
• A team player and excellent collaborator.
• Interested and capable of learning other programming languages as needed.
Company:
Vertafore offers software and essential information to address business challenges within the insurance industry. Founded in 1969, the company is headquartered in Denver, Colorado, USA, with a team of 1001-5000 employees. The company is currently Late Stage. Vertafore has a track record of offering H1B sponsorships.
