Vulnerability Management Engineer – Application Security

New

Remote in LATAM, U.S. Eastern Time (9:00 AM – 5:00 PM ET)Full-TimeMiddle

Salary not disclosed

Apply NowOpens the employer's application page

Job Details

Bachelor’s Degree in Information Technology, Cybersecurity, Computer Science, or related discipline or equivalent professional experience.
5-7 years of relevant experience in application security and/or vulnerability management.
Solid understanding of common vulnerability classes (e.g., OWASP Top 10) and secure architecture principles.
Proficiency in using Burp Suite for manual security testing of web applications and APIs.
Hands-on experience with tools such as Burp Suite, Fortify, Checkmarx, SonarQube, Black Duck, Tenable, and Nmap.
Familiarity with NIST, MITRE ATT&CK, and CIS benchmarks.
Programming/scripting proficiency in languages such as Python, Java, .NET, or similar.
Excellent documentation, communication, and stakeholder engagement skills.

Execute and support application vulnerability assessments (SAST, DAST, SCA, and manual code review).
Validate scanner results, perform false-positive analysis, and track findings through remediation.
Manage multiple application security initiatives concurrently while meeting strict timelines.
Prioritize vulnerabilities based on business impact, exploitability, and exposure using CVSS.
Develop and maintain dashboards and reports tracking vulnerability metrics.
Support the integration of security scanning and vulnerability workflows into CI/CD pipelines.
Facilitate remediation planning and coordinate root cause analysis.
Support threat modeling and application risk assessments.
Participate in high-severity or zero-day vulnerability response activities.
Provide input into policies and standards related to application and cloud security.

View Full Description & ApplyYou'll be redirected to the employer's site