We are seeking a hands-on Software Security Engineer to move beyond simple analysis and take ownership of fixing vulnerabilities.
In this role, you will act as the primary remediation expert, diving into the code to resolve security flaws across a diverse landscape of applications.
You won't just report the bug; you will refactor the code, secure the database, and harden the server configuration.
Key Responsibilities
Hands-On Remediation: Directly implement code fixes for OWASP Top 10 vulnerabilities (XSS, SQL Injection, CSRF) across a hybrid stack of legacy and modern applications.
Polyglot Development: Analyze and patch code in Classic ASP, Perl, ASP.NET (C#), Java, and React.
Database Hardening: Refactor SQL queries to eliminate injection risks and improve database security standards.
Infrastructure Security: Configure and secure IIS environments by applying security headers, disabling insecure modules, and enforcing HTTPS.
Collaborative Verification: Work closely with QA and Security teams to verify fixes through static/dynamic scanning and manual testing.
The Technical Stack (Must Have)
Legacy: Classic ASP, Perl.
Modern: ASP.NET (C#), Java, JavaScript, React.
Database: MS SQL Server (Writing and refactoring queries).
Server: IIS Configuration & Hardening.
Required Qualifications
5+ years of experience in software development with a heavy focus on code remediation or application security.
Proven ability to read, analyze, and fix code in both legacy languages (ASP/Perl) and modern frameworks (React/.NET).
Deep understanding of OWASP Top 10 and how to resolve them at the code level.
Experience configuring IIS for maximum security.
Desired:
Experience in the Healthcare industry.