Description
You will own the security lifecycle for Windows desktop applications.
Responsibilities
- Interpret Veracode SAST reports, mapping findings to VB6, C#, VB.NET, SQL, Python, or Fortran modules.
- Triage High and Critical vulnerabilities based on exploitability, business impact, and complexity.
- Identify and remediate OS and SQL injection vulnerabilities across VB6 and .NET components.
- Manage application patching, rebuilds, and regression testing after applying security fixes.
- Maintain documentation detailing root cause analysis, code changes, and residual risk for each finding.
Required Skills
- 8 to 9+ years of professional experience in Windows desktop application development (VB6 / .NET).
- Strong hands-on experience with Visual Basic 6 (VB6), including ADO, Windows API, and ActiveX.
- Proficiency in C# and/or VB.NET on the .NET Framework, specifically Windows Forms development.
- Deep understanding of SQL injection remediation using parameterized queries and stored procedures.
- Proven experience fixing command injection via input sanitization and allowlisting.
- Hands-on experience with Veracode SAST, interpreting CWE classifications and driving flaw closure.
- Knowledge of OWASP Top 10 and secure coding standards for Windows desktop applications.
- Proficiency with Git or SVN for source code version control and patch management.
- Bachelor's or Master's degree in Computer Science, Software Engineering, Cybersecurity, or related field.
Education
Bachelor's or Master's degrees
- Posted On: 15+ Days Ago
- Experience: 9+ years of experience
- Openings: 1
- Category: Windows Application Security Developer
- Tenure: Contract - Corp-to-Corp Position