More jobs:
Information Security Engineer
Job in
Almont, Gunnison County, Colorado, 81210, USA
Listed on 2026-06-25
Listing for:
Eliassen Group
Full Time
position Listed on 2026-06-25
Job specializations:
-
IT/Tech
Cybersecurity
Job Description & How to Apply Below
Description:
Remote
Our client seeks an Information Security Engineer to support Enterprise Vulnerability Management Application Security operations. The role focuses on vulnerability intake, triage, and validation, including managing submissions from the Vulnerability Disclosure and Bug Bounty Programs and evaluating false positive review requests. The engineer will assess validity and impact, coordinate remediation ownership, track items within centralized processes, and communicate findings and guidance to application and engineering teams.
Due to client requirements, applicants must be willing and able to work on a w2 basis. For our w2 consultants, we offer a great benefits package that includes Medical, Dental, and Vision benefits, 401k with company matching, and life insurance.
Rate: $80.00 to $90.00/hr. w2
Responsibilities:
- Review and triage vulnerability submissions from external researchers through VDP and BBP.
- Validate technical accuracy, exploitability, and business impact.
- Assess severity using established scoring models and program standards.
- De-duplicate and disposition invalid or non-actionable submissions.
- Classify vulnerabilities using established taxonomy and assign remediation owners.
- Support vulnerability tracking within centralized tools and processes.
- Evaluate false positive requests from application teams.
- Analyze SAST and SCA findings and perform source code review as needed.
- Provide evidence-based dispositions with clear rationale.
- Contribute to triage standards, playbooks, and procedures.
- Maintain awareness of common application security vulnerabilities and emerging threats.
- Ensure alignment with internal policies, standards, and regulatory expectations.
- Maintain defensible documentation and evidence for audit and reviews.
- Escalate high-risk or time-sensitive vulnerabilities as appropriate.
- Communicate findings, impact, and remediation guidance to stakeholders and partner to enable timely remediation.
- 3-5 years in information security, application security, or vulnerability management.
- Experience with vulnerability triage, validation, and prioritization.
- Strong understanding of application security principles, secure development practices, and common vulnerabilities such as the OWASP Top 10.
- Familiarity with vulnerability scanning tools and outputs including SAST, SCA, and DAST.
- Ability to review and understand source code to validate vulnerabilities.
- Experience with vulnerability management or tracking platforms such as ticketing systems and dashboards.
- Strong analytical skills to assess exploitability and business risk.
- Strong attention to detail and ability to make defensible decisions.
- Effective verbal and written communication tailored to management, business sponsors, and technical resources.
- Previous experience with distributed or offshore teams desired.
- Financial industry experience is a plus.
- Bachelor's degree in Computer Science, Information Security, or related field, or equivalent practical experience.
Eliassen Group values transparency in our recruitment practices. Please be advised that Eliassen Group utilizes artificial intelligence (AI) tools as part of its initial application screening and hiring process. You may receive email and SMS notifications from the Eliassen Virtual Recruiting Team (, ) inviting you to complete a brief voice screening as part of your application process. These tools assist our hiring teams in different ways, including but not limited to, assistance in reviewing application materials to help identify candidates whose qualifications most closely match the requirements of the position.
All AI-assisted evaluations and responses are reviewed by human recruiters before any hiring decisions are made. The use of AI in our process is intended to support fairness, efficiency, and consistency, and Eliassen Group takes measures to prevent bias or discrimination in connection with its hiring practices. By proceeding, you acknowledge, agree, and consent to Eliassen Group's use of these tools, including AI tools, as part of the application and hiring process.
Skills, experience, and other compensable factors will be considered when determining pay rate. The pay range provided in this posting reflects a W2 hourly rate; other employment options may be available that may result in pay outside of the provided range.
W2 employees of Eliassen Group who are regularly scheduled to work 30 or more hours per week are eligible for the following benefits: medical (choice of 3 plans), dental, vision, pre-tax accounts, other voluntary benefits including life and disability insurance, 401(k) with match, and sick time if required by law in the worked-in state/locality.
If anyone reaches out to you about an open position connected with Eliassen Group, please ensure that you are working directly with us by confirming the following:
When you work with Eliassen Group, all email communication will come from an address, never Gmail,…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×