Business Needs Inc.

Security Engineer

Business Needs Inc., Oakland, California, United States, 94616

Base pay range: $55.00/hr - $60.00/hr

In this contract role, you will be at the forefront of protecting the products and services that millions of our members trust every day. You will support a key security initiative by embedding security into our development lifecycle and proactively defending against emerging threats. You will have a direct impact on our security posture by identifying and triaging vulnerabilities and by partnering with engineers to provide actionable, code-level recommendations for remediation.

This project is an opportunity to work at scale in a fast-paced environment that values collaboration and proactive security. The focus of this engagement is to solve complex security puzzles, protect the company from real-world threats, and meaningfully improve the safety and trust of our members.

What You’ll Do

Triage and validate vulnerabilities from our suite of security tools, including Data Loss Prevention (DLP), Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Open-Source Software (OSS) scanning.

Work closely with development teams to communicate findings, provide clear remediation guidance, including specific recommendations for code fixes, and ensure timely resolutions.

Proactively identify patterns and tune security tooling to improve our signal‑to‑noise ratio and reduce false positives.

Develop scripts and automation to streamline repetitive tasks and scale our vulnerability management processes.

Use ticketing systems to manage the end‑to‑end vulnerability lifecycle, from discovery to remediation.

Required Skills & Experience

Experience in an application security, product security, and/or vulnerability management role.

Hands‑on experience operating and interpreting results from security tools, including Data Loss Prevention (DLP), Static Application Security Testing (SAST), and Dynamic Application Security Testing (DAST).

Proven ability to triage security vulnerabilities and distinguish between true and false positives.

Strong understanding of secure coding practices and the ability to recommend specific code changes to fix vulnerabilities.

Proficiency in a scripting language (e.g., Python, Go, Bash) for automation.

Excellent communication skills, with a proven ability to explain complex security issues to developers.

Experience refining and tuning the rules and policies of security tools.

Experience with ticketing systems (e.g., JIRA, ServiceNow, Azure DevOps) for vulnerability tracking and remediation management.

Strong understanding of common web application vulnerabilities (e.g., OWASP Top 10).

Familiarity with CI/CD pipelines and securing the Software Development Life Cycle (SDLC) is beneficial.

Proficiency in Scala, Java, or TypeScript is also beneficial.

A Bachelor’s or Master’s degree in a related field or relevant security certifications (e.g., GIAC, OSCP) is a plus.

Seniority level: Mid‑Senior level

Employment type: Contract

Job function: Computer and Network Security