Security Analyst

Job Description

We are looking for a Vulnerability & Exposure Management Analyst to join a mature Cyber Defense Center within a global enterprise environment.

This role sits at the core of the vulnerability lifecycle, acting as a bridge between security, infrastructure, and development teams, ensuring that identified vulnerabilities are properly prioritised, communicated, and remediated.

Rather than focusing on scanning or hands-on remediation, this position plays a key orchestration and advisory role, working closely with internal stakeholders across multiple countries.

Your responsibilities

• Manage the lifecycle of vulnerabilities and exposures:
• triage, prioritisation, assignment and follow-up
• Analyse vulnerabilities across different domains:
• infrastructure, web applications, and (in the future) APIs
• Apply risk-based prioritisation using frameworks such as CVSS
• Provide clear and actionable remediation guidance to internal teams
• Collaborate with infrastructure, cloud and development teams to support remediation
• Act as a first point of contact for internal stakeholders, handling:
• support requests
• troubleshooting
• clarification of findings
• Develop and maintain remediation guidelines for:
• security misconfigurations (Non-CVE)
• web application vulnerabilities
• Contribute to process improvements, automation and new initiatives
• Monitor and track remediation progress through dashboards and reports
• Help improve the overall vulnerability management operating model

What we’re looking for

Must-have

• 5+ years of experience in Cybersecurity Operations
• Hands-on experience in Vulnerability Management / Exposure Management
• Strong understanding of:
• CVEs and security misconfigurations
• risk prioritisation (CVSS or similar)
• Experience across:
• infrastructure environments
• web applications (OWASP mindset)
• Solid understanding of:
• networking, OS (Windows/Linux)
• Active Directory or IAM environments
• Strong communication skills and stakeholder management
• Experience working with ticketing systems (Jira, ServiceNow, etc.)
• Fluent English

Nice to have

• Exposure to cloud environments (AWS, Azure, GCP)
• Knowledge of CIS benchmarks or hardening standards
• Basic scripting (Python / PowerShell)
• Familiarity with graph-based data (e.g., Neo4j)

What makes this role different

• You will not just detect vulnerabilities — you will drive their resolution
• Highly collaborative role with strong exposure to international teams
• Opportunity to influence processes and shape how vulnerability management is done
• Potential to grow into leadership responsibilities over time

Working environment

• International and English-speaking environment
• Hybrid model (1–2 office days/week)
• Flexible schedule with high autonomy
• Occasional travel within Europe

Compensation & benefits

• Salary: 51k-56k€ (depending on experience)
• Flexible compensation package (~3.7k net/year)
• Private health insurance
• Remote work allowance (1-2 days/week office) and flexible hours
• Wellbeing benefits