Vulnerability Management Engineer – Application Security (Mid-Level)

Vulnerability Management Engineer – Application Security (Mid-Level) NTT DATA is a team of more than 139,000 diverse professionals operating in more than 50 countries worldwide.

Our sectors of activity include telecommunications, finance, industry, utilities, energy, public administration, and health.

Our mission? Offer technological solutions, business, strategy, development, and application maintenance while being a benchmark in consulting.

Thanks to the collaboration between teams, the human quality of our people, and the fact that we do not conform to what is established, we always seek innovation that brings us closer to the future.

Our essence has led us to the forefront of technology, breaking paradigms and providing solutions that truly respond to each client's needs.

Our talent has led us to be one of the top six technology companies in the world.

Because #Greattech, needs #GreatPeople, like you NTT Data seeks high-achieving team players who quickly adapt to new challenges and entrepreneurial ventures.

We are looking fora Vulnerability Engineer to work with our global client onsite in Valencia, Spain OR remote in LATAM.

Location: Valencia, Spain or LATAM - if in Valencia, Spain will be 100% onsite, if in LATAM will be 100% remote Working Hours: U.S.

Eastern Time (9:00 AM – 5:00 PM ET) Role Overview We are seeking a mid-level engineer to identify, manage, and remediate application vulnerabilities throughout the software development lifecycle.

This role plays a key part in maintaining our security posture across web, mobile, and cloud-based applications.

Ideal candidates will have deep technical curiosity and practical experience with vulnerability scanning, security assessments, prioritization, and coordination of remediation efforts.

Key Responsibilities Execute and support application vulnerability assessments (SAST, DAST, SCA, and manual code review), ensuring findings are accurate, actionable, and relevant to application risk.

Validate scanner results, perform false-positive analysis, and track findings through remediation, including retesting to confirm effective fixes.