Application Security Vulnerability Engineer

Sriven Systems Inc.
Bethlehem, United States of America
7 days ago

Role details

Contract type: Temporary contract
Employment type: Full-time (> 32 hours)
Working hours: Regular working hours
Languages: English
Experience level: Senior

Job location

Remote
Bethlehem, United States of America

Tech stack

Kubernetes Security
Amazon Web Services (AWS)
Azure
Software as a Service
Cloud Computing Security
Cloud Engineering
CompTIA Security+
Computer Security
Continuous Integration
Open Web Application Security
Systems Development Life Cycle
Secure Coding
Software Engineering
Systems Integration
Software Vulnerability Management
Google Cloud Platform
Cloud Platform System
Software Security
Containerization
Kubernetes
Prisma Cloud Platform
DevSecOps
Docker
Vulnerability Analysis

Job description

  • Manage and support vulnerability management activities across applications, cloud environments, containers, and supporting infrastructure.
  • Perform vulnerability analysis, validation, prioritization, and remediation tracking using industry-standard security tools.
  • Partner with application development teams to identify security risks and provide practical remediation recommendations.
  • Analyze findings from application security, cloud security, container security, and external attack surface management platforms.
  • Drive vulnerability lifecycle management from identification through remediation and closure.
  • Support risk-based prioritization efforts by evaluating exploitability, business impact, exposure, and threat intelligence.
  • Collaborate with engineering teams to establish remediation timelines and ensure security findings are addressed appropriately.
  • Monitor and report on vulnerability trends, remediation metrics, and overall program effectiveness.
  • Participate in vulnerability reviews, security assessments, and operational security activities.
  • Assist with improving vulnerability management processes, automation opportunities, and operational efficiencies.
  • Support external security posture monitoring and vendor risk visibility initiatives.

Requirements

The ideal candidate combines strong technical vulnerability management expertise with the ability to collaborate effectively across distributed teams and communicate risk in a way that enables action. This role is an individual contributor position with no people management responsibilities and will operate as part of a globally distributed team with resources located in both the United States and India.

  • 5-7 years of experience in Vulnerability Management, Application Security, Security Engineering, or related Cybersecurity disciplines.
  • Strong understanding of vulnerability management frameworks, risk scoring methodologies, and remediation practices.
  • Experience using vulnerability management platforms such as / Tenable SaaS.
  • Experience working with modern cloud-native and containerized environments.
  • Familiarity with container security concepts and vulnerability management within Kubernetes, Docker, or similar environments.
  • Experience collaborating directly with software development teams to remediate security findings.
  • Knowledge of common application security vulnerabilities including the OWASP Top 10.
  • Strong understanding of CVEs, CVSS scoring, exploitability analysis, and security risk assessment.
  • Ability to communicate technical findings and risk posture to both technical and non-technical stakeholders.
  • Experience working within globally distributed teams.

Preferred Qualifications

  • Hands-on experience with:
      • Prisma Cloud
      • Snyk
      • SecurityScorecard
      • BitSight
  • Experience supporting cloud environments within AWS, Azure, or Google Cloud Platform.
  • Understanding of Software Development Lifecycle (SDLC) and secure development practices.
  • Familiarity with CI/CD security integrations and DevSecOps methodologies.
  • Experience supporting container security and software supply chain security initiatives.
  • Security certifications such as Security+, GSEC, GCIH, GPEN, CISSP, or comparable credentials.

What Success Looks Like

  • Vulnerabilities are accurately triaged and prioritized based on risk.
  • Application and engineering teams receive actionable remediation guidance.
  • Remediation SLAs are consistently met or exceeded.
  • Security tooling is effectively leveraged to improve visibility and reduce organizational risk.
  • Strong collaboration is maintained across US and India-based security and engineering teams.
