About Us
At Codvo, we are committed to building scalable, future-ready data platforms that power business impact. We believe in a culture of innovation, collaboration, and growth, where engineers can experiment, learn, and thrive. Join us to be part of a team that solves complex data challenges with creativity and cutting-edge technology.
Overview
We are hiring an Application Security Engineer to work hands-on with client and internal development teams to review, refactor, and remediate code for CRA compliance. You will operate at the intersection of security engineering and software development, embedding secure practices into millions of lines of legacy and new code for industrial clients.
Key Responsibilities
- Conduct static and dynamic code reviews (C/C++, .NET, Java, Python) for CRA/SOC2/ISO compliance gaps.
- Run and tune SAST/SCA/Secrets/IaC scanners to identify vulnerabilities with low false positives.
- Build secure code remediation patterns (crypto, auth, logging, PII handling).
- Collaborate with client developers to merge secure fixes quickly and efficiently.
- Work with the CRA Practice Lead to maintain compliance-aligned secure coding playbooks.
- Support generation of compliance evidence (audit-ready artifacts).
Required Skills & Qualifications
- 58 years in Application Security + Software Development.
- Strong coding experience in C/C++/.NET/Java/Python.
- Hands-on with tools like SonarQube, Semgrep, Snyk, Checkov, Trivy, GitHub Advanced Security.
- Knowledge of secure coding standards (OWASP, MISRA, CERT).
- Familiarity with IEC 62443, SOC 2, ISO 27001 requirements in industrial contexts.
Preferred Background
- Prior experience remediating code for compliance frameworks.
- Exposure to manufacturing, O&G, or industrial software systems.
- Certifications: CSSLP, CEH, OSWE, or equivalent.
