Vulnerability Management Engineer – Application Security
Remote work flexibility for candidates based in LATAM | Full-Time | Middle
Salary not disclosed
Job Details
- Experience: 5–7 years
- Required Skills: Python, Java, CI/CD
Requirements
- 5–7 years of experience in application security, vulnerability management, or related cybersecurity roles.
- Strong understanding of OWASP Top 10, secure coding practices, and application security principles.
- Hands-on experience with tools such as Burp Suite, Fortify, Checkmarx, SonarQube, Black Duck, Tenable, and similar security tools.
- Ability to perform manual security testing of web applications and APIs, including authentication and authorization analysis.
- Familiarity with security frameworks such as NIST, MITRE ATT&CK, and CIS benchmarks.
- Proficiency in scripting or programming (e.g., Python, Java, .NET, or similar).
- Experience working with CI/CD environments and DevSecOps practices.
- Strong communication, documentation, and stakeholder collaboration skills.
Responsibilities
- Execute and support application security assessments (SAST, DAST, SCA, and manual testing) to identify and validate vulnerabilities across applications.
- Analyze and triage security findings, including false-positive identification and risk-based prioritization using frameworks such as CVSS.
- Track vulnerabilities through remediation cycles, perform retesting, and ensure effective resolution of security issues.
- Collaborate with development and DevOps teams to integrate security scanning tools into CI/CD pipelines and improve automation.
- Develop dashboards and reports to monitor vulnerability metrics, SLAs, MTTR, and overall security posture.
- Support threat modeling, risk assessments, and secure design reviews to prevent insecure architecture patterns.
- Participate in incident response activities for critical vulnerabilities, including zero-day scenarios when required.
- Provide security recommendations, documentation, and guidance to improve application and cloud security controls.