-
Application Security Specialist - Vulnerability Operations
Location: New Jersey City, NJ - Charlotte, NC & Dallas, TX (5 days onsite)
Type: Fulltime
Functional Area: Vulnerability Operations
Role Summary:
Support vulnerability discovery, triage, and remediation across application portfolios using automated and manual approaches.
Enable tiered control adoption (Tier 1 3) and ensure compliance with scoping requirements.
Partner with engineering teams to embed AppSec controls in SDLC and CI/CD workflows.
Key Responsibilities:
Run and manage SAST/DAST/SCA scans; analyze findings; coordinate fixes with product teams.
Operate AVR (ServiceNow) workflows for vulnerability tracking, defect management, and policy enforcement.
Maintain migration trackers and dashboards showing status, risks, and dependencies by tier and quarter.
Configure merge prevention/build failure gates for high-risk policy violations (Tier 3).
Contribute to weekly risk register updates and immediate escalation of high-impact issues.
Produce weekly operational summaries and inputs to monthly executive reports.
Required Qualifications & Skills:
Bachelor's in Computer Science, Cybersecurity, or equivalent experience.
3+ years in application security or vulnerability management.
Hands-on with CI/CD-integrated security (SAST/DAST/SCA).
Knowledge of secure coding practices and common vulnerability classes (OWASP Top 10).
Experience with ticketing/workflow tools (e.g., ServiceNow, JIRA).
Preferred Qualifications:
Experience with ServiceNow AVR automation and dashboarding.
Scripting for automation (Python, Bash, PowerShell).
Certifications: CSSLP, GWAPT, or comparable.
Tools & Technologies:
SAST (e.g., Checkmarx, Fortify, SonarQube)
DAST (e.g., Burp Suite Enterprise, OWASP ZAP)
SCA (e.g., Snyk, Black Duck)
ServiceNow AVR
CI/CD (GitHub Actions, Jenkins, Azure DevOps)
Thanks & Regards,
Jameer Khan
Never miss an opportunity! Create an alert based on the job you applied for.
