Covetrus is a global animal-health technology and services company dedicated to empowering veterinary practice partners to drive improved patient health and financial outcomes. Headquartered in Portland, Maine, with more than 5,000 employees and more than 100,000 global customers, our passion for the well-being of animals and those who care for them drives us to advance the world of veterinary medicine. In the USA, we bring together products, services, and technology into a single platform that connects our customers to the solutions and insights they need to work best. Now, our mission is to bring this technology to veterinarians and their clients worldwide. SUMMARY In your role as an Application Security Engineer, you will work closely with development teams to ensure the software solutions they're building and maintaining are secure. You will collaborate with stakeholders across the business including engineering, quality, project management, IT, and DevOps. You will review and threat model designs, perform secure code reviews, analyze potential risks, and guide teams to avoid or mitigate items; ensuring software solutions protect Covetrus, our partners, and the pet parents who utilize our solutions. ESSENTIAL DUTIES AND RESPONSIBILITIES: Partner with product leaders to continually improve their security processes to keep security an integral part of the software development lifecycle. Review feature designs providing security assessments, guidance on secure implementation best practices, and threat modelling of potential risks. Assist in training teams on application security principles. Participate in architectural design reviews providing secure best practices and guidance for individual components and infrastructure patterns. Establish and maintain documentation including mitigation guidance for specific vulnerabilities, risks, and project specific standards. Assist teams in reproducing and triaging application security vulnerabilities. Developing new automation rules and patterns to identify and prevent future occurrences of potential vulnerabilities. Perform secure code reviews, leading engineering teams on resolution of discoveries. Analyze applications through manual penetration testing and various available security tools. QUALIFICATIONS: Bachelor's degree in relevant field of study, or equivalent work experience. 7+ years of experience in software development, quality assurance, or application security. Expert knowledge of common web vulnerabilities and ability to work with engineering and product teams to understand and protect against those vulnerabilities. Proficiency with security controls, vulnerability assessments, and risk management methodologies. Strong understanding of application security principles and how to defend against their abuse. Experience with application security tools (SAST, DAST, SCA/SBOM, container analysis, infrastructure configuration management) Experience identifying security issues through code review. Familiarity with C#, Java, Python, React, Angular, AWS, OAuth2, Kubernetes, microservice architecture, CQRS, GraphQL. COMPETENCIES (Skills and Abilities): Strong interpersonal and communication skills to effectively collaborate with stakeholders at all levels of the organization. Proficient in threat modeling, risk assessment, defensive software development practices, and securing cloud infrastructure management. Information Security certifications encouraged. Familiarity with agile software development practices. Experience working in a regulated industry, such as healthcare or finance, is a plus. Attention to detail and a commitment to maintaining the highest standards of data security and privacy. PHYSICAL DEMANDS/WORK ENVIRONMENT The physical demands described here are representative of those that must be met by an employee to successfully perform the ess