At Sii Group Colombia we are looking for a Vulnerability Management Analyst for an international project in the Technology sector.
Main Responsibilities
• Manage application vulnerability management processes across the software development lifecycle (SDLC)
• Analyze application security findings, prioritize risks, and coordinate remediation with development teams
• Work with SAST, DAST or SCA tools (e.g., Veracode or similar) to identify vulnerabilities in applications and APIs
• Create and manage remediation tickets, ensuring follow-up and compliance with SLAs
• Define compensating controls and support secure coding practices when needed
• Prepare executive reports and dashboards to communicate application security posture
Requirements
• 3–5+ years of experience in Application Security, AppSec or Vulnerability Management
• Hands-on experience with Veracode, Checkmarx, Fortify, Snyk or similar tools
• Experience with SAST, DAST or SCA methodologies
• Experience working within the software development lifecycle (SDLC)
• Experience identifying and managing vulnerabilities in applications and APIs
• Strong experience coordinating with development teams
• Portuguese required and English (B2–C1) is required for interviews and daily communication
Working Conditions
Work model: Hybrid (Santo André, São Paulo)
Salary: Based on experience, competitive + benefits