Your Tasks

• Join our dynamic Vulnerability & Exposure Management Operations team, where we proactively strengthen the organization's security posture. We are a strategic partner dedicated to prioritising, assigning, advising, addressing and monitoring vulnerabilities and exposures in a structured and collaborative way. Our approach is founded on two core principles: robust governance to ensure our processes are consistent and reliable, and unwavering customer centricity to foster strong, collaborative partnerships with technical and business teams.
• Manage, maintain and optimize our already established processes and services to prioritise, assign, advise, address and monitor detected vulnerabilities and exposures.
• Actively work on new services, processes and projects, helping to define action plans and improvements, contributing with their operationalization and automatization.
• Analyze and triage vulnerabilities and exposures, applying risk-based prioritization and environment context using different frameworks like CVSS.
• Collaborate with asset owners, infrastructure teams, and other relevant stakeholders, providing clear, actionable guidance on secure configuration standards and best practices to facilitate effective remediation activities.
• Work on the operationalization of the findings detected by our web application scanning tool, working and supporting directly the development teams on how to resolve web application based vulnerabilities and exposures.
• Develop and maintain remediation guidelines for security misconfigurations (Non-CVE’s) in different environments (eg. Active Directory) and web applications related vulnerabilities and exposures to ensure consistent and effective risk reduction across multiple environments.
• Generate and present metrics, reports, and dashboards to communicate the effectiveness of current security and risk posture to stakeholders at all levels.
• Act as the primary (1st level) point of contact for stakeholders, providing timely support, troubleshooting guidance, and driving engagement through targeted workshops, training sessions, and enablement initiatives.
• Stay updated on emerging threats, misconfigurations, and best practices for securing enterprise environments.

Your Profile

• 5–6 years of working experience on Cybersecurity Operations as a Security Analyst or similar role, with a focus on Vulnerability and Exposure Management.
• Strong hands-on experience with vulnerability and exposure management tools (e.g., Tenable, Burp Suite, XM Cyber).
• Solid understanding of security misconfigurations (Non-CVE’s) and CVE’s, and their remediation techniques.
• Knowledge of security industry-standard frameworks and methodologies, such as OWASP for web applications and APIs.
• Knowledge of operating systems (Windows, Linux), networking principles, web application architecture and IAM environments (eg. Active Directory).
• Excellent communication and interpersonal skills, with a proven ability to translate complex technical issues for diverse audiences.
• Proficiency with IT service management or ticketing systems (e.g., Jira, ServiceNow).
• Fluent English, written and spoken.
• Love to work with customers and satisfy their needs.
• Good work quality.
• Tasks prioritization.
• Independent working ability.
• Ability to document.
• Professional behaviour.
• Capacity of team work.
• Self-critical thinking and acting.
• Independence.
• Initiative.
• Willingness to learn.
• Flexibility to changes.

Nice to Have

• Knowledge of security best practices in cloud environments (AWS, Azure, GCP).
• Familiarity with assessing and remediating security misconfigurations based on frameworks like CIS Benchmarks.
• Basic scripting skills (Python, PowerShell) for task automation or data analysis.
• Relevant security certifications (e.g., CISSP, CEH, Security+).