Software Developer – Security Code Review

Responsibilities

• Perform in-depth security-focused code reviews across various codebases and languages
• Identify common and advanced security vulnerabilities such as injection, XSS, and insecure APIs
• Work closely with developers to educate and guide them in secure coding practices
• Recommend fixes and mitigation strategies to ensure adherence to security standards like OWASP Top 10, CWE, and NIST
• Collaborate with security engineers, architects, and DevSecOps teams to enhance code security posture
• Maintain documentation of findings and track remediation status
• Utilize static and dynamic analysis tools to supplement manual reviews
• Participate in security audits, threat modeling, and secure code training sessions

Requirements

• Bachelor's degree in Computer Science, Cybersecurity, or a related field
• 5+ years of experience in software development
• 2+ years of experience in secure code review or application security
• Strong understanding of the secure software development lifecycle (SSDLC)
• Experience identifying and remediating vulnerabilities in languages such as C/C++, C#, Swift, Java, JavaScript, or Python
• Familiarity with security tools such as SonarQube, Fortify, Checkmarx, or Veracode
• Knowledge of OWASP Top 10, CWE/SANS 25, and CVSS scoring
• Strong analytical, communication, and documentation skills

Preferred Qualifications

• Security certifications such as OSCP, CSSLP, CEH, or GWAPT
• Experience in regulated environments (e.g., finance, healthcare, defense)
• Familiarity with threat modeling, penetration testing, or red/blue team operations

About the Company

ThreatLocker is a leader in endpoint protection technologies, providing enterprise-level cybersecurity tools to improve the security of servers and endpoints. The ThreatLocker platform uses Application Allowlisting, Ringfencing™, and other advanced solutions to block the exploits of application vulnerabilities.