Security engineer (required skills - application security & threat modeling)

Responsibilities:
SDLC Integration and App Sec Tooling
- Support the day-to-day operation of application security tooling across SAST, DAST, SCA (software composition analysis), secrets detection, and container image scanning.
- Help onboard new applications and repositories into App Sec tooling; configure scan policies and validate that pipelines are correctly instrumented.
- Assist with tuning of detection rules and policies to reduce false positives and improve signal quality for engineering teams.
- Maintain documentation, runbooks, and quick-reference guides for App Sec tooling and processes.
Findings Triage and Vulnerability Management
- Triage findings from App Sec tooling — validate, prioritize by risk and exploitability, deduplicate, and route to the appropriate engineering owners.
- Perform false positive validation on tooling findings — review code context, data flow, and exploitability conditions to confirm whether reported issues are genuine; docume...