# Vulnerability Management Engineer (Application Security) > Gramian Consulting Group · València, Spain (Hybrid) · Full-time · Posted 2026-06-26 **Workplace:** hybrid **Department:** Recruiting - S+ ## Description **About Us** **Gramian Consultancy** is a boutique consultancy specializing in IT professional services and engineering talent solutions. With a strong background in software engineering and leadership, we help companies build high-performing teams by matching them with professionals who truly fit their needs. **Role Overview** Our client is a global technology and digital transformation consultancy delivering enterprise IT operations and cloud management solutions for large international organizations. Their teams help modernize IT infrastructure through automation, observability, and Service Management platforms. We are looking for a **mid-level** Vulnerability Management Engineer with experience in **Application Security**, **vulnerability assessment**, and **security remediation**. In this role, you will help identify, prioritize, and coordinate the remediation of security vulnerabilities throughout the software development lifecycle, working closely with development, DevOps, and security teams to improve the organization's overall security posture. **CONTRACT:** Contractor **COMMITMENT:** Full-time **LOCATION:** Valencia, Spain (Hybrid / Primarily On-site) **PROCESS:** 2 Client Interview Process **NOTE: English-speaking environment. Spanish is not needed.** **Responsibilities** - Perform **application vulnerability assessments** across web, mobile, and cloud applications - Analyze and prioritize security findings based on **risk** and business impact - Coordinate remediation activities with development and engineering teams - Support vulnerability management throughout the **Software Development Lifecycle (SDLC)** - Conduct security reviews and validate remediation efforts - Work with automated **vulnerability scanning** and security assessment tools - Track vulnerability metrics and report on remediation progress - Collaborate with DevOps and infrastructure teams to improve security practices - Contribute to application security processes, standards, and documentation - Promote secure development practices across engineering teams ## Requirements - 3+ years of experience in **Application Security**, **Vulnerability Management**, or Cybersecurity - Hands-on experience with **vulnerability scanning** and security assessment tools - Strong understanding of **OWASP Top 10** and common application security vulnerabilities - Experience assessing **web**, **mobile**, and/or **cloud-based applications** - Knowledge of secure software development practices and the **SDLC** - Experience prioritizing and coordinating vulnerability remediation - Familiarity with cloud environments (AWS, Azure, or GCP) - Experience working in Agile development environments ### Preferred Qualifications - Security certifications such as Security+, CEH, OSCP, CSSLP, or similar - Experience with SAST, DAST, SCA, or container security tools - Knowledge of CI/CD security practices and DevSecOps - Experience performing threat modeling or secure code reviews - Experience working with enterprise vulnerability management platforms ## Apply [Apply at Gramian Consulting Group](https://apply.workable.com/gramian/j/1EB88E4A5E/apply) --- Powered by [Workable](https://www.workable.com)