Vulnerability & Exposure Management Operator (m/f/d)

Your Tasks

• Join our dynamic Vulnerability & Exposure Management Operations team where we proactively strengthen the organizations security posture. We are a strategic partner dedicated to prioritising assigning advising addressing and monitoring vulnerabilities and exposures in a structured and collaborative way. Our approach is founded on two core principles: robust governance to ensure our processes are consistent and reliable and unwavering customer centricity to foster strong collaborative partnerships with technical and business teams.
• This is a critical operational role where you will not only manage our established vulnerability and exposure management processes and services but also be at the forefront of expanding our capabilities. You will be directly involved in the operational launch of new and essential services including the assessing advising and addressing of security misconfigurations (Non-CVEs) and web application related vulnerabilities and exposures.
  Manage maintain and optimize our already established processes and services to prioritise assign advise address and monitor detected vulnerabilities and exposures.
• Actively work on new services processes and projects helping to define action plans and improvements contributing with their operationalization and automatization.
• Analyze and triage vulnerabilities and exposures applying risk-based prioritization and environment context using different frameworks like CVSS.
• Collaborate with asset owners infrastructure teams and other relevant stakeholders providing clear actionable guidance on secure configuration standards and best practices to facilitate effective remediation activities.
• Work on the operationalization of the findings detected by our web application scanning tool working and supporting directly the development teams on how to resolve web application based vulnerabilities and exposures.
• Develop and maintain remediation guidelines for security misconfigurations (Non-CVEs) in different environments (eg. Active Directory) and web applications related vulnerabilities and exposures to ensure consistent and effective risk reduction across multiple environments.
• Generate and present metrics reports and dashboards to communicate the effectiveness of current security and risk posture to stakeholders at all levels.
• Stay updated on emerging threats misconfigurations and best practices for securing enterprise environments.

Your Profile

• 56 years of working experience on Cybersecurity Operations as a Security Analyst with a focus on Vulnerability and Exposure Management.
• Strong hands-on experience with vulnerability and exposure management tools (e.g. Tenable Burp Suite XM Cyber).
• Solid understanding of security misconfigurations (Non-CVEs) and CVEs and their remediation techniques.
• Knowledge of security industry-standard frameworks and methodologies such as OWASP for web applications and APIs.
• Knowledge of operating systems (Windows Linux) networking principles web application architecture and IAM environments (eg. Active Directory).
• Excellent communication and interpersonal skills with a proven ability to translate complex technical issues for diverse audiences.
• Proficiency with IT service management or ticketing systems (e.g. Jira ServiceNow).
• Fluent English written and spoken.
• Good to Have knowledge of security best practices in cloud environments (AWS Azure GCP).
• Good to Have familiarity with identifying and remediating security misconfigurations based on frameworks like CIS Benchmarks.
• Good to Have basic scripting skills (Python PowerShell) for task automation or data analysis.
• Good to Have relevant security certifications (e.g. CISSP CEH Security).
• Love to work with customers and satisfy their needs
• Good work quality
• Tasks prioritization
• Independent working ability
• Ability to document
• Professional behaviour
• Capacity of team work
• Self-critical thinking and acting
• Independence
• Initiative
• Willingness to learn
• Flexibility to changes