Application Security Vulnerability Engineer

MatchPoint Solutions is a fast-growing young energetic global IT-Engineering services company with clients across the US. We provide technology solutions to various clients like Uber Robinhood Netflix Airbnb Google Sephora and more! More recently we have expanded to working internationally in Canada China Ireland UK Brazil and India. Through our culture of innovation we inspire build and deliver business results from idea to outcome. We keep our clients on the cutting edge of the latest technologies and provide solutions by using industry-specific best practices and expertise.

We are excited to be continuously expanding our team. If you are interested in this position please send over your updated resume. We look forward to hearing from you!

Application Security Vulnerability Engineer

Location: Remote (Preferred: Bethlehem PA)

Experience: 5 7 Years

Pay rate: $70 - $75/hr on W2

Team: Application Security Overview We are seeking a Vulnerability Engineer to join our Application Security team and support the day-to-day operations of a mature vulnerability management program. This individual will work closely with application development cloud engineering infrastructure and security teams to identify assess prioritize and drive remediation of vulnerabilities across a diverse technology environment.

The ideal candidate combines strong technical vulnerability management expertise with the ability to collaborate effectively across distributed teams and communicate risk in a way that enables action. This role is an individual contributor position with no people management responsibilities and will operate as part of a globally distributed team with resources located in both the United States and India.

Key Responsibilities

• Manage and support vulnerability management activities across applications cloud environments containers and supporting infrastructure.
• Perform vulnerability analysis validation prioritization and remediation tracking using industry-standard security tools.
• Partner with application development teams to identify security risks and provide practical remediation recommendations.
• Analyze findings from application security cloud security container security and external attack surface management platforms.
• Drive vulnerability lifecycle management from identification through remediation and closure.
• Support risk-based prioritization efforts by evaluating exploitability business impact exposure and threat intelligence.
• Collaborate with engineering teams to establish remediation timelines and ensure security findings are addressed appropriately.
• Monitor and report on vulnerability trends remediation metrics and overall program effectiveness.
• Participate in vulnerability reviews security assessments and operational security activities.
• Assist with improving vulnerability management processes automation opportunities and operational efficiencies.
• Support external security posture monitoring and vendor risk visibility initiatives. Required Qualifications
• 5 7 years of experience in Vulnerability Management Application Security Security Engineering or related Cybersecurity disciplines.
• Strong understanding of vulnerability management frameworks risk scoring methodologies and remediation practices.
• Experience using vulnerability management platforms such as / Tenable SaaS.
• Experience working with modern cloud-native and containerized environments.
• Familiarity with container security concepts and vulnerability management within Kubernetes Docker or similar environments.
• Experience collaborating directly with software development teams to remediate security findings.
• Knowledge of common application security vulnerabilities including the OWASP Top 10.
• Strong understanding of CVEs CVSS scoring exploitability analysis and security risk assessment.
• Ability to communicate technical findings and risk posture to both technical and non-technical stakeholders.
• Experience working within globally distributed teams. Preferred Qualifications
• Hands-on experience with:
  • Prisma Cloud
  • Snyk
  • SecurityScorecard
  • BitSight
• Experience supporting cloud environments within AWS Azure or GCP.
• Understanding of Software Development Lifecycle (SDLC) and secure development practices.
• Familiarity with CI/CD security integrations and DevSecOps methodologies.
• Experience supporting container security and software supply chain security initiatives.
• Security certifications such as Security GSEC GCIH GPEN CISSP or comparable credentials. What Success Looks Like
• Vulnerabilities are accurately triaged and prioritized based on risk.
• Application and engineering teams receive actionable remediation guidance.
• Remediation SLAs are consistently met or exceeded.
• Security tooling is effectively leveraged to improve visibility and reduce organizational risk.
• Strong collaboration is maintained across US and India-based security and engineering teams.

MatchPoint Solutions provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race color religion age sex national origin disability status genetics protected veteran status sexual orientation gender identity or expression or any other characteristic protected by federal state or local laws.

This policy applies to all terms and conditions of employment including recruiting hiring placement promotion termination layoff recall transfer leaves of absence compensation and training.