Application Security Analyst - Vulnerability Management

📋 Description

• Own day-to-day triage and lifecycle mgmt of app security findings across tools.
• Analyze findings from SAST, SCA, Defender for app, container, and cloud workloads.
• Validate findings for FP, relevance, exploitability, and impact.
• Prioritize vulnerabilities based on risk, asset criticality, and business context.
• Track remediation progress and enforce agreed SLAs.
• Use an ASPM platform to correlate findings and reduce noise.

🎯 Requirements

• 3+ years in Application Security and Vulnerability Management.
• Hands-on with SAST, SCA, and DAST tools (Mend.io, SonarQube, Veracode, Snyk).
• Knowledge of OWASP Top 10 and common CWEs/CVEs.
• Experience with ASPM platforms, CI/CD and GitHub workflows.
• Experience reducing false positives and tuning AppSec tools.
• Strong written and verbal communication; translate findings into remediation guidance.

🎁 Benefits

• Hybrid work arrangement with 2 days in the Hyderabad office.
• Growth-focused, diverse and inclusive culture.
• Guiding principles: Take Ownership, Be Open, Stay Curious, Work as One.