Application Security Analyst – Vulnerability Management (Hybrid)
Share
Job Location:
Monthly Salary:
Posted on:
Yesterday
Vacancies:
1 Vacancy
Job Summary
APPLICATION SECURITYANALYST VULNERABILITY MANAGEMENT(HYBRID LISBON OR PORTO)
Portuguese company hires for hybrid position
Location: Porto orLisbon Portugal
Only candidates already basedin Portugal will be considered
Work Model: Hybrid
Language Requirements:English C1 (mandatory) French A2 (nice to have)
Seniority: Senior (6years) 3 years specifically in Vulnerability Management
Sector: Banking
Instructions: Please send yourCV in English and make sure to include all skills and experience that match therequirements of the opportunity. This will significantly increase your chancesof success.
Role Overview
You will be responsible for ensuring the securitycompliance of applications in production leading vulnerabilitymanagement processes and driving remediation efforts. This rolerequires strong expertise in security testing tools risk assessment andsecure development practices working closely with IT security anddevelopment teams.
Key Responsibilities
- Conduct vulnerability identification and analysis across applications and systems
- Oversee security scans using tools such as Qualys BitSight AppSpider
- Monitor threat intelligence sources (CVE databases advisories)
- Perform risk assessment and prioritization based on severity and impact
- Coordinate remediation activities with development and IT teams
- Track and manage vulnerabilities through ticketing systems (Jira ServiceNow)
- Ensure adherence to remediation SLAs KPIs and KRIs
- Produce reports and dashboards for stakeholders and governance bodies
- Ensure compliance with security standards (ISO 27001 NIST etc.)
- Promote secure coding practices and AppSec awareness
- Contribute to automation initiatives (Python PowerShell)
- Continuously improve vulnerability management processes
Must-Have Skills
- Strong experience in Vulnerability Management and Application Security
- Deep knowledge of OWASP Top 10 and security best practices
- Hands-on experience with security testing tools (SAST/DAST/SCA)
- Experience with vulnerability management platforms (Fortify Nexus IQ SonarQube)
- Familiarity with ticketing systems (Jira ServiceNow)
- Strong understanding of web applications APIs and infrastructure security
- Knowledge of DevSecOps and SSDLC practices
Nice to Have
- Certifications such as CISSP CEH Security CC
- Experience in penetration testing or security architecture
- Knowledge of Power BI for reporting and dashboards
- Experience with automation scripting (Python PowerShell)
- Background in risk assessment and compliance frameworks
Soft Skills
- Strong analytical and critical thinking skills
- Excellent organizational and prioritization abilities
- Ability to collaborate across international teams
- High level of autonomy and accountability
- Strong attention to detail and rigor
Why Join
- Work on enterprise-scale cybersecurity initiatives
- Be part of a global Application Security and Risk Management team
- Gain exposure to advanced vulnerability management practices and tools
- Contribute to security governance and compliance at scale
- Grow into senior cybersecurity leadership roles
Keywords
Application Security Vulnerability Management AppSecOWASP SAST DAST SCA Qualys BitSight AppSpider Fortify Nexus IQSonarQube DevSecOps SSDLC CVE Risk Assessment ISO27001 NIST JiraServiceNow Python PowerShell
#CI - PROC26197
Required Experience:
IC
