Responsibilities Application Security knowledge Execute and support application vulnerability assessments (SAST, DAST, SCA, and manual code review), ensuring findings are accurate, actionable, and relevant to application risk. Validate scanner results, perform false-positive analysis, and track findings through remediation, including retesting to confirm effective fixes. Manage multiple application security initiatives concurrently while meeting strict timelines in a fast paced environment. Prioritize vulnerabilities based on business impact, exploitability, exposure, and likelihood, using industry best practices (e.g., CVSS scoring). Develop and maintain dashboards and reports tracking vulnerability metrics such as severity distribution, remediation SLAs, and mean time to remediation (MTTR). Support the integration of security scanning and vulnerability workflows into CI/CD pipelines, leveraging existing tooling and automation. Facilitate remediation planning by providing actionable recommendations and coordinating root cause analysis. Support threat modeling and application risk assessments, with a focus on discovering insecure design patterns. Participate in high severity or zero day vulnerability response activities, including impact analysis and coordinated remediation efforts, as needed. Provide input into policies and standards related to application and cloud security controls. Qualifications and Education Requirements Bachelor's Degree in Information Technology, Cybersecurity, Computer Science, or related discipline-or equivalent professional experience. Experience in application security and/or vulnerability management. Solid understanding of common vulnerability classes (e.g., OWASP Top 10) and secure architecture principles.