360CyberX · 7 hours ago
Vulnerability Management Application Security Lead
360CyberX is focused on enhancing security in enterprise and client environments, and they are seeking a Vulnerability Management & Application Security Lead. This role is responsible for leading vulnerability management and application security programs, ensuring effective identification and remediation of vulnerabilities while collaborating with various teams to integrate security into the software development lifecycle.
Computer & Network Security
Responsibilities
Lead and mature the enterprise vulnerability management program, including vulnerability discovery, prioritization, remediation tracking, and risk reporting
Own application security initiatives across the SDLC, including secure design reviews, threat modeling, and security testing
Oversee and optimize vulnerability scanning tools for infrastructure, cloud, containers, and applications (SAST, DAST, SCA, IAST as applicable)
Partner with development and DevOps teams to integrate security testing into CI/CD pipelines and promote secure-by-design practices
Analyze vulnerability data and threat intelligence to prioritize remediation based on exploitability, business impact, and risk context
Define and enforce vulnerability remediation SLAs and exception processes
Conduct application security reviews, including architecture assessments, code review support, and validation of remediation efforts
Collaborate with SOC and incident response teams to address actively exploited vulnerabilities and emerging threats
Develop and maintain vulnerability management metrics, dashboards, and executive-level reporting
Support audits, risk assessments, and compliance initiatives aligned with frameworks such as NIST, CIS, ISO, and regulatory requirements
Mentor engineers and security staff on secure coding practices, vulnerability remediation, and application security awareness
Contribute to the development of security standards, guidelines, and best practices related to vulnerability and application security
Qualification
Required
Strong experience leading vulnerability management and application security programs in enterprise environments
Deep understanding of application security concepts, common vulnerabilities (e.g., OWASP Top 10), and secure software development practices
Hands-on experience with vulnerability scanning and application security tools (e.g., SAST, DAST, SCA, container scanning, cloud security tools)
Experience integrating security controls and testing into CI/CD pipelines and modern DevOps workflows
Strong understanding of risk-based vulnerability prioritization, including exploitability, threat intelligence, and business impact
Proven ability to work cross-functionally with engineering, DevOps, cloud, and security operations teams
Strong analytical, communication, and leadership skills, with the ability to influence remediation outcomes
Familiarity with security frameworks and standards such as NIST CSF/RMF, CIS Controls, and ISO 27001
Bachelor's degree in Computer Science, Cybersecurity, or a related field
Preferred
Relevant certifications such as GWAPT, CSSLP, OSCP, Security+, or cloud security certifications
Company
360CyberX
360Cyberx, LLC is a security-first technology partner that helps organizations prevent breaches, keep systems online, and prove compliance.
Funding
Current Stage
Early Stage
Company data provided by Crunchbase