Key Responsibilities
• Conduct security assessments and technical reviews of applications, systems, and technology platforms.
• Identify security risks across products, infrastructure, and supporting technologies and recommend mitigation strategies.
• Perform threat analysis and risk assessments to evaluate potential security weaknesses.
• Manage vulnerability identification, triage, prioritization, and remediation tracking across technology environments.
• Review security findings from scanning tools and coordinate remediation with engineering and operations teams.
• Monitor security advisories and vulnerability intelligence related to technologies used within the organization.
• Validate implementation of security controls through technical testing and configuration reviews.
• Support security reviews for new technologies, products, and third-party components introduced into the environment.
• Track and manage security issues related to open-source components and external dependencies.
• Ensure security risks are documented, tracked, and remediated within defined timelines.
• Support investigation of security incidents related to application or technology vulnerabilities.
• Maintain documentation for security assessments, risk evaluations, and remediation activities.
• Participate in internal security reviews, audits, and assurance activities.
• Collaborate with engineering, product, infrastructure, and governance teams to address security risks.
• Contribute to the improvement of security processes, tools, and operational practices within the security team.
Required Qualifications
• Bachelor’s degree in Cybersecurity, Information Security, Computer Science, or related field.
• 3 to 6 years of experience in security engineering, application security, vulnerability management, or security assessment roles.
• Strong understanding of common application and system security risks including OWASP Top 10 and common vulnerability classes.
• Experience with vulnerability scanning tools, security testing tools, or security assessment methodologies.
• Familiarity with vulnerability management workflows and risk prioritization practices.
• Knowledge of common enterprise technologies, operating systems, and application architectures.
• Experience reviewing security configurations and validating implementation of security controls.
• Ability to interpret security findings and work with technical teams to drive remediation.
• Strong analytical and problem-solving skills with attention to technical detail.