Jobs · Information Technology · Georgia

Windows Application Security Developer

Accord Technologies Inc · Atlanta, GA · 4 mo ago
On-siteInformation TechnologyFull-time

Key Responsibilities

  • Interpret Veracode SAST reports — understand CWE classifications, flaw categories, and severity scoring.
  • Triage High and Critical findings by exploitability, business impact, and remediation complexity.
  • Map each Veracode finding to the relevant source code module — VB6, C#, VB.NET, SQL, Python, or Fortran.
  • Prioritize remediation backlog and communicate status to stakeholders and auditors.
  • Identify and fix OS command injection vulnerabilities across VB6 and .NET components.
  • Identify and fix SQL injection vulnerabilities in VB6, .NET, and any dynamic SQL construction patterns.
  • Work within the VB6 codebase — Windows API calls, ActiveX components, and VB6-specific security pitfalls.
  • Rebuild applications after applying patches — manage dependencies, resolve build errors, and validate successful compilation.
  • Perform unit-level and integration-level testing for each patched module.
  • Execute Veracode rescans to confirm vulnerability resolution and track flaw closure rate.
  • Conduct regression testing to ensure no functional degradation, performance impact, or breaking changes.

Required Skills & Experience

  • Strong hands-on experience with Visual Basic 6 (VB6) — including ADO, Windows API, ActiveX, and VB6 IDE.
  • Proficiency in C# and/or VB.NET on .NET Framework — Windows Forms development and data access.
  • Deep understanding of SQL injection (remediation: parameterized queries, stored procedures, input validation).
  • Proven experience fixing command injection: input sanitization, allowlisting, safe execution patterns.
  • Hands-on experience with Veracode SAST — interpreting findings, understanding CWE classifications, and driving flaw closure.
  • Knowledge of OWASP Top 10 and secure coding standards applicable to Windows desktop applications.
  • Experience with CVSS scoring, vulnerability triage, and remediation prioritization.
  • Ability to write and execute security-focused test cases to validate fixes.
  • Proficiency with Git or SVN for source code version control and patch management.
  • Experience with code review processes, pull requests, and collaborative development workflows.
  • Familiarity with issue tracking systems such as JIRA, Azure DevOps, or GitHub Issues.
  • Bachelor's or Master's degree in Computer Science, Software Engineering, Cybersecurity, or a related field.
  • 8 to 9+ years of professional experience in Windows desktop application development (VB6 / .NET).
  • Experience with additional languages in scope: Python , Fortran code review.

Similar jobs