Application Security Analyst - Vulnerability Management
CONSORT Group • Porto
Publicado em 07/04/2026 às 12:01
Full-time
Informática (Programação)
Remoto
Descrição da Vaga
Every moment counts. Especially those you live to the fullest. Welcome to Consort Group.
For over 30 years, Consort Group has been helping companies leverage their data and infrastructure. It is backed by two leaders, Consortis and Consortia, and places people and social responsibility at the heart of its values.
This is your future team
Established in 2021, Consort Portugal supports the strategic offshoring choices of our clients, particularly in Europe, and brings our expertise in infrastructure services to the Portuguese market. With a team of around 45 employees, our Service Center based in Porto is developing a dynamic nearshore business, offering the French and European markets an environment of excellence and high potential.
Application Security Analyst - Vulnerability Management
This is your mission
Are you passionate about application security and vulnerability management? Then this position is for you.
As Application Security / Vulnerability Management Analyst, you will be responsible for analyzing security compliance, managing vulnerabilities, and supporting remediation across applications.
Build side:
* Define and improve vulnerability management processes and security procedures
* Analyze security testing results (DAST and similar tools) and identify vulnerabilities
* Assess risks based on severity, exploitability, and business impact
* Collaborate with teams to promote secure coding practices and application security awareness
* Develop automation scripts to support vulnerability management activities
Run side:
* Supervise execution of vulnerability scans (e.g., Qualys, Bitsight)
* Monitor threat intelligence sources and security advisories (e.g., CVE)
* Coordinate remediation with IT, development, and security teams
* Track vulnerabilities and ensure updates in ticketing tools (JIRA, ServiceNow)
* Ensure compliance with security standards (ISO 27001, NIST)
* Produce reports and KPIs on vulnerability status and remediation progress
* Ensure adherence to remediation timelines (KPI/KRI/SLA) and escalate when necessary
This is your background
You have at least 5 years of experience in application security, including 3 years in vulnerability management. You have experience working with security tools, vulnerability analysis, and remediation processes.
This is your career path.
You have experience working on application security, vulnerability management, and collaborating with multiple stakeholders. You contribute to improving security processes and ensuring compliance.
This is your expertise:
* Vulnerability management tools (NexusIQ, Fortify, SonarQube)
* Application security testing tools (Qualys, AppSpider, Bitsight)
* OWASP principles
* Application and infrastructure technologies (web apps, APIs, client-server)
* Ticketing tools (JIRA, ServiceNow)
* DevSecOps and Secure SDLC
* Risk assessment and vulnerability analysis
* Scripting (PowerShell, Python)
* Power BI (knowledge)
This is how you work as part of a team:
* Strong organizational skills
* Ability to collaborate across distributed teams
* Analytical mindset and critical thinking
* Attention to detail and rigor
* Autonomy and decision-making ability
Language Skills :
* English – Mastery
* French – Notions
This is our commitment
At Consort Group, you are an expert who we support so that every assignment becomes a step that counts.
* Attentive and human onboarding
* A truly hands-on management style
* Continuous training opportunities
* Concrete commitments: inclusion, equality, solidarity
* A comprehensive HR package: health insurance, TR card, CSE, pension plan
* A culture of feedback and meaningful projects
The recruitment process:
* An initial phone call with our recruitment team
* An HR interview and a job interview with a business engineer
* A test or technical interview with one of our experts
* A final meeting with your future manager or project manager
* And if we're a good fit, we'll get started together
Good to know
Location: Porto or Lisbon
Contract: Permanent contract / B2B
Remote work: Hybrid depending on assignment
Job category: Cybersecurity / Application Security
What you will do here, you won't do anywhere else.
This moment is yours.
For over 30 years, Consort Group has been helping companies leverage their data and infrastructure. It is backed by two leaders, Consortis and Consortia, and places people and social responsibility at the heart of its values.
This is your future team
Established in 2021, Consort Portugal supports the strategic offshoring choices of our clients, particularly in Europe, and brings our expertise in infrastructure services to the Portuguese market. With a team of around 45 employees, our Service Center based in Porto is developing a dynamic nearshore business, offering the French and European markets an environment of excellence and high potential.
Application Security Analyst - Vulnerability Management
This is your mission
Are you passionate about application security and vulnerability management? Then this position is for you.
As Application Security / Vulnerability Management Analyst, you will be responsible for analyzing security compliance, managing vulnerabilities, and supporting remediation across applications.
Build side:
* Define and improve vulnerability management processes and security procedures
* Analyze security testing results (DAST and similar tools) and identify vulnerabilities
* Assess risks based on severity, exploitability, and business impact
* Collaborate with teams to promote secure coding practices and application security awareness
* Develop automation scripts to support vulnerability management activities
Run side:
* Supervise execution of vulnerability scans (e.g., Qualys, Bitsight)
* Monitor threat intelligence sources and security advisories (e.g., CVE)
* Coordinate remediation with IT, development, and security teams
* Track vulnerabilities and ensure updates in ticketing tools (JIRA, ServiceNow)
* Ensure compliance with security standards (ISO 27001, NIST)
* Produce reports and KPIs on vulnerability status and remediation progress
* Ensure adherence to remediation timelines (KPI/KRI/SLA) and escalate when necessary
This is your background
You have at least 5 years of experience in application security, including 3 years in vulnerability management. You have experience working with security tools, vulnerability analysis, and remediation processes.
This is your career path.
You have experience working on application security, vulnerability management, and collaborating with multiple stakeholders. You contribute to improving security processes and ensuring compliance.
This is your expertise:
* Vulnerability management tools (NexusIQ, Fortify, SonarQube)
* Application security testing tools (Qualys, AppSpider, Bitsight)
* OWASP principles
* Application and infrastructure technologies (web apps, APIs, client-server)
* Ticketing tools (JIRA, ServiceNow)
* DevSecOps and Secure SDLC
* Risk assessment and vulnerability analysis
* Scripting (PowerShell, Python)
* Power BI (knowledge)
This is how you work as part of a team:
* Strong organizational skills
* Ability to collaborate across distributed teams
* Analytical mindset and critical thinking
* Attention to detail and rigor
* Autonomy and decision-making ability
Language Skills :
* English – Mastery
* French – Notions
This is our commitment
At Consort Group, you are an expert who we support so that every assignment becomes a step that counts.
* Attentive and human onboarding
* A truly hands-on management style
* Continuous training opportunities
* Concrete commitments: inclusion, equality, solidarity
* A comprehensive HR package: health insurance, TR card, CSE, pension plan
* A culture of feedback and meaningful projects
The recruitment process:
* An initial phone call with our recruitment team
* An HR interview and a job interview with a business engineer
* A test or technical interview with one of our experts
* A final meeting with your future manager or project manager
* And if we're a good fit, we'll get started together
Good to know
Location: Porto or Lisbon
Contract: Permanent contract / B2B
Remote work: Hybrid depending on assignment
Job category: Cybersecurity / Application Security
What you will do here, you won't do anywhere else.
This moment is yours.
Precisa de estar logado para se candidatar.
Login para Candidatar