Application Security Specialist

Job Title

Location(s)

About Us

Revvity is a developer and provider of end-to-end solutions designed to help scientists, researchers, and clinicians solve the world’s greatest health challenges. We pair the enthusiasm of an industry disruptor with the experience of a longtime leader. Our team of 11,000+ colleagues from around the globe are vital to our success and the reason we’re able to push boundaries in pursuit of better human health.

Find your future at Revvity 

Job Description:

As an Application Security Specialist, you will play a pivotal role in securing our applications and protecting our infrastructure from potential threats. Your responsibilities will include:

• SAST and DAST Testing: Perform Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST), review their outputs, and assist the development team with remediation strategies.
• GitHub Security: Configure and manage security tools such as Checkmarx and leverage GitHub's native security features to scan vulnerabilities in the codebase and dependencies.
• CI/CD Pipeline Security: Ensure integration of security scans within our CI/CD pipelines to identify vulnerabilities early in the development process.
• Container Security: Implement and enforce security best practices for containerization within AWS ECS and ECR environments, focusing on secure configurations, image scanning, and robust access control measures.
• Vulnerability Management: Lead the coordination and management of vulnerability scanning and remediation efforts across the application stack, encompassing the codebase, containers, and AWS infrastructure.
• Penetration Testing: Conduct thorough penetration testing on products and systems, including web applications and services, to identify and exploit security flaws.
• Cross-functional Collaboration: Participate in triage calls with cross-functional teams and effectively communicate vulnerability details, risks, and potential impacts to stakeholders.

Requirements:

• Over 3-5 years of hands-on experience in application security.
• Advanced proficiency in tackling technical challenges independently.
• Basic understanding of AWS cloud technologies and environments.
• Familiarity and experience with tools like Snyk, Veracode,Gitleaks and Burp Suite will be an added advantage.
• Strong knowledge of web application frameworks (such as OWASP) and CI/CD frameworks.
• Experience with scripting languages (e.g., Python, JavaScript, PowerShell, Ruby, PHP) to develop custom scripts.
• Familiarity with shift-left tools and application security workflows.
• Excellent collaboration skills to work with cross-functional teams towards shared goals.
•  Excellent written and verbal communication skills.
• Bachelor’s degree in information technology, Computer Science, or equivalent practical experience.