Application Security – Vulnerability Discovery

Job not on LinkedIn

🔥 0 minutes ago

Apply Now
Find Similar Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Logo of SRM Technologies

SRM Technologies

501 - 1000 employees

Founded 1998

☁️ SaaS

Automotive • Healthcare • SaaS

SRM Technologies is a leading provider of Product Engineering, Automotive Solutions, and Digital Transformation services. With over 25 years of experience, the company specializes in mobility solutions, cloud technologies, data analytics, and artificial intelligence to help enterprises enhance their operational efficiency and innovate their product offerings. SRM Tech focuses on diverse industries such as automotive, healthcare, consumer and retail, telecommunications, and education, leveraging technology to drive business success and agility.

📋 Description

• Triage, validate, and prioritize security vulnerabilities identified through manual reviews, automated tooling, bug bounty reports, and AI-assisted security analysis platforms. • Participate in on-call rotation to support security incident triage, perform code reviews, and address security questions. • Partner closely with engineering teams to drive remediation efforts, provide actionable guidance, and ensure timely closure of security findings based on risk and severity. • Review security-related pull requests and code changes, providing guidance on secure implementation patterns and identifying potential vulnerabilities before production deployment. • Analyze findings generated by AI-powered security agents and automation platforms, validate results, reduce false positives, and help drive remediation workflows across engineering teams. • Collaborate with Product Security Architecture and development teams to improve vulnerability detection, prioritization, and remediation processes. • Support security incident investigations and root cause analysis when vulnerabilities or application security issues are discovered. • Develop security tooling, automation, and workflows that improve security coverage and reduce manual effort for security reviews and vulnerability management. • Administer and manage vulnerability scanning tools (e.g., Tenable or similar). • Configure, optimize, and maintain scanning tools, policies, and schedules. • Track and report on remediation progress, security metrics, and risk reduction initiatives across assigned engineering organizations. • Contribute to security documentation, best practices, and developer education efforts to improve secure coding practices across Dropbox.

🎯 Requirements

• 3+ years experience in application security engineering • Strong communication skills and relationship building skills • Experience in building and scaling the Secure Development Lifecycle • Experience with handling vulnerability and bug bounty reports • Experience partnering with cross-functional engineering and product teams • Experience triaging, validating, and prioritizing security vulnerabilities from static analysis, dynamic analysis, dependency scanning, penetration testing, or bug bounty programs. • Strong understanding of common application security vulnerabilities (OWASP Top 10, API Security, authentication, authorization, secrets management, cryptography, etc.). • Experience reviewing source code and identifying security vulnerabilities in modern programming languages and frameworks. • Familiarity with security tooling such as SAST, DAST, SCA, IaC scanning, secrets detection, and vulnerability management platforms. • Experience working with cloud-native architectures and public cloud environments (AWS preferred).

🏖️ Benefits

• This is a remote position. • Health insurance

Apply Now

Similar Jobs

🕒 5 days ago

ClanX

1 - 10

🎯 Recruiter

👥 HR Tech

Senior Security Engineer responsible for securing infrastructure and application code for AI products. Overseeing compliance and driving security improvements in a regulated environment.

AWS

Azure

Cloud

Docker

Google Cloud Platform

Kubernetes

🕒 6 days ago

Fortrea

10,000+ employees

🧬 Biotechnology

💊 Pharmaceuticals

⚕️ Healthcare Insurance

Workday Security Lead driving security design and governance for Fortrea's Workday platform. Ensuring secure access and compliance with regulatory frameworks while collaborating with various teams.

🕒 6 days ago

Akamai Technologies

5001 - 10000

🔒 Cybersecurity

Security Architect II managing technical lifecycles and designing customer configurations for Akamai's security solutions team. Analysing traffic and customizing security solutions to address challenges.

DNS

Firewalls

Python

Terraform

🕒 July 10

Navitas Business Consulting, Inc.

51 - 200

🤖 Artificial Intelligence

🔒 Cybersecurity

☁️ SaaS

Security & Endpoint Engineer at Navitas providing security solutions for Dropbox's endpoint environment. Evaluating and implementing security measures for browser extensions and various platforms.

Jamf

Linux

MacOS

Python

🕒 July 9

Solstice Advanced Materials

1001 - 5000

🤝 B2B

🔬 Science

💊 Pharmaceuticals

Senior Network Security Architect at Solstice Advanced Materials driving network security and Zero Trust strategy. Ensuring secure operations across corporate, cloud, and high-trust environments.

Cloud

TCP/IP