Application Security Vulnerability Engineer 100% Remote

Application Security Vulnerability Engineer 100% Remote 

Overview

We are seeking a Vulnerability Engineer to join our Application Security team and support the day-to-day operations of a mature vulnerability management program. This individual will work closely with application development, cloud engineering, infrastructure, and security teams to identify, assess, prioritize, and drive remediation of vulnerabilities across a diverse technology environment.

The ideal candidate combines strong technical vulnerability management expertise with the ability to collaborate effectively across distributed teams and communicate risk in a way that enables action. This role is an individual contributor position with no people management responsibilities and will operate as part of a globally distributed team with resources located in both the United States and India.

Key Responsibilities

• Manage and support vulnerability management activities across applications, cloud environments, containers, and supporting infrastructure.
• Perform vulnerability analysis, validation, prioritization, and remediation tracking using industry-standard security tools.
• Partner with application development teams to identify security risks and provide practical remediation recommendations.
• Analyze findings from application security, cloud security, container security, and external attack surface management platforms.
• Drive vulnerability lifecycle management from identification through remediation and closure.
• Support risk-based prioritization efforts by evaluating exploitability, business impact, exposure, and threat intelligence.
• Collaborate with engineering teams to establish remediation timelines and ensure security findings are addressed appropriately.
• Monitor and report on vulnerability trends, remediation metrics, and overall program effectiveness.
• Participate in vulnerability reviews, security assessments, and operational security activities.
• Assist with improving vulnerability management processes, automation opportunities, and operational efficiencies.
• Support external security posture monitoring and vendor risk visibility initiatives.

Required Qualifications

• 5–7 years of experience in Vulnerability Management, Application Security, Security Engineering, or related Cybersecurity disciplines.
• Strong understanding of vulnerability management frameworks, risk scoring methodologies, and remediation practices.
• Experience using vulnerability management platforms such as Tenable.io / Tenable SaaS.
• Experience working with modern cloud-native and containerized environments.
• Familiarity with container security concepts and vulnerability management within Kubernetes, Docker, or similar environments.
• Experience collaborating directly with software development teams to remediate security findings.
• Knowledge of common application security vulnerabilities including the OWASP Top 10.
• Strong understanding of CVEs, CVSS scoring, exploitability analysis, and security risk assessment.
• Ability to communicate technical findings and risk posture to both technical and non-technical stakeholders.
• Experience working within globally distributed teams.

Preferred Qualifications

Hands-on experience with:

• Prisma Cloud
• Snyk
• Security Scorecard
• BitSight
• Experience supporting cloud environments within AWS, Azure, or Google Cloud Platform.
• Understanding of Software Development Lifecycle (SDLC) and secure development practices.
• Familiarity with CI/CD security integrations and DevSecOps methodologies.
• Experience supporting container security and software supply chain security initiatives.