Logo for SRM Technologies

Application Security - Vulnerability Discovery

Role overview

Qualifications

  • 3+ years experience in application security engineering
  • Strong communication skills and relationship building skills
  • Experience in building and scaling the Secure Development Lifecycle
  • Strong understanding of common application security vulnerabilities (OWASP Top 10, API Security, authentication, authorization, secrets management, cryptography, etc.)

Responsibilities

  • Triage, validate, and prioritize security vulnerabilities identified through manual reviews, automated tooling, bug bounty reports, and AI-assisted security analysis platforms.
  • Participate in on-call rotation to support security incident triage, perform code reviews, and address security questions.
  • Partner closely with engineering teams to drive remediation efforts, provide actionable guidance, and ensure timely closure of security findings based on risk and severity.
  • Collaborate with Product Security Architecture and development teams to improve vulnerability detection, prioritization, and remediation processes.

About the company

SRM Technologies logo

SRM Technologies

IT Services & IT Consulting

SRM Technologies is a global IT services company specialising in automotive technologies, digital transformation and product engineering services. We provide technology consulting, platform development, data analytics, artificial intelligence, cloud enablement, digital infrastructure, quality assurance, embedded software and design to manufacturing product solutions to various industries and enterprises across the USA, Japan and India. At the heart of our organization are passionate employees who embody our core belief - 'ideas@work.' We firmly believe that ideas and innovation truly matter only when they create a meaningful impact on our customers' businesses and the lives of their end customers. Therefore, we prioritize the practical application of these ideas and their transformative impact through our talented and ever-growing workforce. 𝘚𝘙𝘔 𝘛𝘦𝘤𝘩 𝘪𝘴 𝘢 𝘱𝘳𝘰𝘶𝘥 𝘮𝘦𝘮𝘣𝘦𝘳 𝘰𝘧 𝘵𝘩𝘦 𝘚𝘙𝘔 𝘎𝘳𝘰𝘶𝘱, 𝘢 𝘮𝘶𝘭𝘵𝘪𝘯𝘢𝘵𝘪𝘰𝘯𝘢𝘭 𝘤𝘰𝘯𝘨𝘭𝘰𝘮𝘦𝘳𝘢𝘵𝘦 𝘸𝘪𝘵𝘩 𝘢 𝘳𝘪𝘤𝘩 𝘩𝘪𝘴𝘵𝘰𝘳𝘺 𝘴𝘱𝘢𝘯𝘯𝘪𝘯𝘨 𝘰𝘷𝘦𝘳 𝘧𝘰𝘶𝘳 𝘥𝘦𝘤𝘢𝘥𝘦𝘴. 𝘛𝘩𝘦 𝘚𝘙𝘔 𝘎𝘳𝘰𝘶𝘱 𝘰𝘱𝘦𝘳𝘢𝘵𝘦𝘴 𝘪𝘯 𝘥𝘪𝘷𝘦𝘳𝘴𝘦 𝘴𝘦𝘤𝘵𝘰𝘳𝘴, 𝘪𝘯𝘤𝘭𝘶𝘥𝘪𝘯𝘨 𝘌𝘥𝘶𝘤𝘢𝘵𝘪𝘰𝘯, 𝘛𝘦𝘤𝘩𝘯𝘰𝘭𝘰𝘨𝘺, 𝘏𝘦𝘢𝘭𝘵𝘩𝘤𝘢𝘳𝘦, 𝘢𝘯𝘥 𝘔𝘦𝘥𝘪𝘢.

Company details

Company typeLarge
IndustryIT Services & IT Consulting
Company size501 - 1000

Your match analysis

See how your profile stacks up against this role.

We compared the job requirements to your profile to show where you're strong and where you fall short.

Job description

This is a remote position.

Product Security Engineer CW Job Description

This document outlines the job description for an Application Security Engineer (Contractor) that will be partnering with the Product Security organization 

 

Team Description 

As part of the Product Security Engineering team, you’ll be working to reduce overall security risk across Dropbox. We partner with engineering and product teams during each point of the software development lifecycle (SDLC) and help drive broader security initiatives across Dropbox.

 

Product Security Engineers provide security impact by developing secure-by-default libraries and frameworks that teams across Dropbox can frictionlessly integrate into their products. They also offer their expertise on security matters through documentation and educational initiatives.

Responsibilities

  • Triage, validate, and prioritize security vulnerabilities identified through manual reviews, automated tooling, bug bounty reports, and AI-assisted security analysis platforms.
  • Participate in on-call rotation to support security incident triage, perform code reviews, and address security questions.
  • Partner closely with engineering teams to drive remediation efforts, provide actionable guidance, and ensure timely closure of security findings based on risk and severity.
  • Review security-related pull requests and code changes, providing guidance on secure implementation patterns and identifying potential vulnerabilities before production deployment.
  • Analyze findings generated by AI-powered security agents and automation platforms, validate results, reduce false positives, and help drive remediation workflows across engineering teams.
  • Collaborate with Product Security Architecture and development teams to improve vulnerability detection, prioritization, and remediation processes.
  • Support security incident investigations and root cause analysis when vulnerabilities or application security issues are discovered.
  • Develop security tooling, automation, and workflows that improve security coverage and reduce manual effort for security reviews and vulnerability management.
  • Administer and manage vulnerability scanning tools (e.g., Tenable or similar)
  • Configure, optimize, and maintain scanning tools, policies, and schedules
  • Track and report on remediation progress, security metrics, and risk reduction initiatives across assigned engineering organizations.
  • Contribute to security documentation, best practices, and developer education efforts to improve secure coding practices across Dropbox.

 

Requirements

  • Available to work until 11:00AM Pacific Standard Time (PST).
  • 3+ years experience in application security engineering
  • Strong communication skills and relationship building skills
  • Experience in building and scaling the Secure Development Lifecycle
  • Experience with handling vulnerability, and bug bounty reports
  • Experience partnering with cross-functional engineering and product teams
  • Experience triaging, validating, and prioritizing security vulnerabilities from static analysis, dynamic analysis, dependency scanning, penetration testing, or bug bounty programs.
  • Experience partnering with software engineering teams to drive remediation and risk reduction efforts.
  • Strong understanding of common application security vulnerabilities (OWASP Top 10, API Security, authentication, authorization, secrets management, cryptography, etc.).
  • Experience reviewing source code and identifying security vulnerabilities in modern programming languages and frameworks.
  • Familiarity with security tooling such as SAST, DAST, SCA, IaC scanning, secrets detection, and vulnerability management platforms.
  • Experience working with cloud-native architectures and public cloud environments (AWS preferred).
  • Ability to evaluate security findings, distinguish signal from noise, and communicate risk-based remediation recommendations.
  • Familiarity with AI-assisted development workflows, AI-powered security tooling, or LLM-based security use cases is a plus.

 



Apply once. Then go straight to the hiring manager.

After you apply, unlock the direct contact details of the people who actually make the call. A quick follow-up makes you 5x more likely to land an interview.

MR

Marcus Rivera

Chief Revenue Officer

m.rivera@company.com
linkedin.com/in/marcusrivera
Unlocked after you apply
·

Related jobs

Other jobs at SRM Technologies

Premium

Reach out to the hiring manager directly.

Gain access to the contact details of the hiring managers who actually decide, and reach out to network with them directly. That, plus more when you upgrade:

  • Full match report with fit score and gaps
  • Career diagnostics on how recruiters read you
  • Curated company matches and warm intros
  • 48h early access to new roles

Cancel anytime.