Responsibilities
- Own and operate the vulnerability management lifecycle.
- Conduct continuous scanning of applications, infrastructure, and dependencies.
- Prioritize risks based on their impact.
- Track and drive remediation efforts.
- Perform penetration testing on web applications, APIs, and cloud environments.
- Validate and triage vulnerabilities to eliminate false positives.
- Collaborate with engineering teams to fix vulnerabilities.
- Implement and manage security tools for SAST, DAST, and dependency scanning.
- Develop repeatable testing methodologies and automation.
- Conduct adversarial testing and exploit validation.
- Track metrics and report on risk posture and remediation progress.
- Contribute to improving secure development practices.
Requirements
- 5–9+ years of experience in security engineering, vulnerability management, or penetration testing.
- Hands-on experience with web and API security testing.
- Knowledge of common vulnerabilities, including OWASP Top 10.
- Strong understanding of attack techniques and exploitation methods.
- Experience with security scanning tools and frameworks.
- Ability to analyze and validate vulnerabilities in real-world systems.
- Familiarity with cloud environments, preferably Azure.
Tech Stack
- Azure
- Kubernetes