About Us
Gramian Consultancy is a boutique consultancy specializing in IT professional services and engineering talent solutions. With a strong background in software engineering and leadership, we help companies build high-performing teams by matching them with professionals who truly fit their needs.

Role Overview

Our client is a global technology and digital transformation consultancy delivering enterprise IT operations and cloud management solutions for large international organizations. Their teams help modernize IT infrastructure through automation, observability, and Service Management platforms.

We are looking for a mid-level Vulnerability Management Engineer with experience in Application Security, vulnerability assessment, and security remediation. In this role, you will help identify, prioritize, and coordinate the remediation of security vulnerabilities throughout the software development lifecycle, working closely with development, DevOps, and security teams to improve the organization's overall security posture.

CONTRACT: Contractor

COMMITMENT: Full-time

LOCATION: Valencia, Spain (Hybrid / Primarily On-site)

PROCESS: 2 Client Interview Process

NOTE: English-speaking environment. Spanish is not needed.

Responsibilities

• Perform application vulnerability assessments across web, mobile, and cloud applications
• Analyze and prioritize security findings based on risk and business impact
• Coordinate remediation activities with development and engineering teams
• Support vulnerability management throughout the Software Development Lifecycle (SDLC)
• Conduct security reviews and validate remediation efforts
• Work with automated vulnerability scanning and security assessment tools
• Track vulnerability metrics and report on remediation progress
• Collaborate with DevOps and infrastructure teams to improve security practices
• Contribute to application security processes, standards, and documentation
• Promote secure development practices across engineering teams

Requirements

• 3+ years of experience in Application Security, Vulnerability Management, or Cybersecurity
• Hands-on experience with vulnerability scanning and security assessment tools
• Strong understanding of OWASP Top 10 and common application security vulnerabilities
• Experience assessing web, mobile, and/or cloud-based applications
• Knowledge of secure software development practices and the SDLC
• Experience prioritizing and coordinating vulnerability remediation
• Familiarity with cloud environments (AWS, Azure, or GCP)
• Experience working in Agile development environments

Preferred Qualifications

• Security certifications such as Security+, CEH, OSCP, CSSLP, or similar
• Experience with SAST, DAST, SCA, or container security tools
• Knowledge of CI/CD security practices and DevSecOps
• Experience performing threat modeling or secure code reviews
• Experience working with enterprise vulnerability management platforms