
Security Engineer - Vulnerability Management

FinJo
Pune
6 - 9 Years

Posted on: 04/08/2025

Job Description

Key Responsibilities :

Vulnerability Triage & Risk Assessment :

- Review and analyze vulnerability findings from tools (e.g., Snyk, Trivy, Aqua, Qualys).

- Prioritize vulnerabilities based on severity, exploitability, and business impact.

- Maintain a backlog of security issues and actively track remediation progress.

Code-Based Remediation Support :

- Partner with developers to remediate vulnerabilities across multiple languages including TypeScript, Python, JavaScript, Java, Ruby, Go, HCL, Shell, and SQL variants.

- Provide secure coding guidance and implement secure development patterns.

- Assist in refactoring insecure legacy code.

Container Security & Infrastructure Hardening :

- Remediate vulnerabilities in Docker images, base OS layers, and Kubernetes (AKS) configurations.

- Harden CI/CD pipelines and container orchestration using IaC (Terraform, HCL).

- Manage and maintain secure container images in registries.

Pipeline Integration & Automation :

- Integrate security tools into CI/CD workflows (e.g., GitHub Actions, Azure DevOps).

- Automate remediation suggestions and enforce policy gates for critical vulnerabilities.

- Write scripts and automation in Shell, Python, and Go for security enforcement.

Cross-Team Collaboration :

- Act as a bridge between development, security, and DevOps teams.

- Host working sessions and knowledge transfers on remediation strategies and DevSecOps best practices.

- Drive secure SDLC adoption across engineering teams.

Documentation & Reporting :

- Maintain clear documentation on remediation strategies, architecture decisions, and tool configurations.

- Provide metrics and reports to leadership on vulnerability trends and remediation velocity.

