Vulnerability Management Specialist

Job Description

Job Overview:
We are looking for a Vulnerability Management Specialist with expertise in AWS cloud security and application security. The candidate will ensure our applications and AWS infrastructure are secure by identifying, assessing, and addressing vulnerabilities. You will work closely with our DevOps, application development, and security teams to implement best practices and remediation strategies.

Key Responsibilities:
Vulnerability Identification & Management:
Conduct regular scans and assessments of AWS infrastructure and applications for vulnerabilities.
Evaluate security tools for vulnerability detection, tracking, and reporting.
Prioritize vulnerabilities based on risk impact and work with teams to remediate them.
AWS Security:
Implement and maintain security best practices for AWS infrastructure, including EC2, S3, IAM, Lambda, and VPC security.
Continuously monitor AWS environments for potential threats and misconfigurations.
Use AWS services like Security Hub, Inspector, and GuardDuty to detect security issues.
Application Security:
Perform security reviews of application architecture and design.
Collaborate with development teams to integrate security into the Software Development Life Cycle (SDLC).
Conduct static and dynamic application security testing (SAST/DAST) to identify and resolve security weaknesses.
Incident Response & Remediation:
Work with internal and external teams to respond to security incidents.
Perform root cause analysis and recommend preventative measures.
Create and maintain playbooks for vulnerability and incident response processes.
Compliance & Reporting:
Ensure adherence to compliance standards such as GDPR, HIPAA, PCI-DSS, or other regulatory frameworks.
Generate reports for executive leadership and auditors about vulnerability status and remediation efforts.
Collaboration:
Work closely with DevOps, Security, and Development teams to integrate security practices into day-to-day operations.
Provide guidance and training on security practices to relevant stakeholders.

Required Skills and Qualifications:
Bachelor's degree in Information Security, Computer Science, or a related field, or equivalent experience.
8+ years of experience in vulnerability management, AWS security, and/or application security.
Strong knowledge of AWS services and best practices, including IAM, S3, EC2, and Lambda.
Proficient in vulnerability scanning tools (e.g., Wiz, Qualys, AWS Security).
Hands-on experience with SAST and DAST tools (e.g., Snyk, Sonarqube).
Solid understanding of OWASP Top 10, CWE, and other application security frameworks.
Experience with automation and CI/CD pipelines to enhance vulnerability management workflows.
Familiarity with container security (e.g., Docker, Kubernetes).
Knowledge of threat modeling, risk assessments, and penetration testing.

Preferred Qualifications:
AWS Certifications such as AWS Certified Security Specialty.
Experience with DevSecOps practices.
Knowledge of Infrastructure as Code (e.g., Terraform, CloudFormation).
Experience in securing API and microservices-based architectures.

Work in United States
Base Salary

4,500 USD

Skills
  • AWS
  • SAST
  • DAST
  • OWASP
  • CI
  • CD
  • Kubernetes
  • Terraform

Company

Company Name

Amplifi Labs

Recruiter

Laura Scheinpflug

Tech Recruiter

Novo Hamburgo, Rio Grande do Sul, Brazil
