Who are we? As the founding entity of RAINBOW PARTNERS, Quanteam is a consulting firm specializing in the fields of Banking, Finance, and Financial Services. Guided by our core values of closeness, teamwork, diversity, and excellence, our team of 980 expert consultants, representing 35 different nationalities, collaborates across 10 international offices: Paris, Lyon, New York, Montreal, London, Brussels, Geneva, Lisbon, Porto and Casablanca. Committed to sustainability (Ecovadis Gold), diversity (gender index: 92%), and quality of work life (Best Workplace Experience), Quanteam is a forward-thinking enterprise.Our Expertise With a dual expertise in both business and IT, Quanteam supports its corporate clients (investment banks, asset management companies, private and retail banks, custodians, etc.) across the entire Front-to-Back spectrum in evolving their business activities and transformation projects.Our teams are organized into 5 expertise areas: Quantitative Finance Risk, Compliance, and Regulatory Operations and Finance Transformation and Organization Information SystemsWe are looking for aApplication Security Analyst.Main Tasks: Vulnerability Identification. Supervising the execution of regular scans (using tools like Qualys, Bitsight...) to detect vulnerabilities in software, hardware, and configurations. Monitoring threat intelligence feeds and security advisories (e.g., CVE databases) for emerging vulnerabilities. Risk Assessment & Prioritization. Evaluating vulnerabilities based on severity (e.g., scores), exploitability, and potential impact. Ensure that prioritization is followed and understanding the impacts when it is not. Collaborating with IT, development, and security teams (Pentest, Application Security, Regional teams) to follow up on ticket stock to patch or mitigate vulnerabilities. Ensuring timely application of security updates and workarounds. Ensure accurate and up-to-date data on relevant ticketing and reporting tools (e.g., Jira). Active follow up, review of findings through relevant tools in timely manner and engage stakeholders in remediation process.This includes triggering necessary escalations when needed to keep the stakeholders and management aware. Application Security analyst must be mindful of the remediation timescales defined by AppSec and relevant policies/procedures therefore expected to act/react in timely fashion ensuring remediation KPI/KRI/SLA. Take part in periodic/on demand conversations, emergency situations where necessary to act swiftly sharing the expertise and supporting in the vulnerability and noncompliance management process. Reporting & Compliance. Generating reports and KPI's for stakeholders (e.g., executives, auditors) on vulnerability status and progress of remediation. Ensuring compliance with standards (e.g., ISO 27001, NIST, ...). Continuous Improvement Refining vulnerability management processes based on lessons learned and evolving threats. Awareness to IT teams on secure coding practices and vulnerability awareness. Work on automation scripts to support BAU activity, using Powershell, Python, etc.Your Profile and Skills Vulnerability Management Tools (e.g.: NexusIQ, Fortify, SonarQube). OWASP. Application Security Testing tool (e.g. Qualys, AppSpider, Bitsight). Technology stack (web-app, infra, API, thick client, client-server). Ticketing Systems (JIRA, ServiceNow). Fluent in English (C1/C2). Notions in French (Plus).Hybrid work model, with presence required inLisbon or Porto offices.If you feel this opportunity is for you, send your CV and join our team!