Vulnerability Management Expert

Пълно описание

Vulnerability Management Expert

Strength. Care. Growth

A1 Competence Delivery Center is a vital component of A1’s telecommunications business. Acting as an expertise hub, CDC is dedicated to delivering a full range of high-quality IT, network, financial and other services to support A1’s operations across all OpCos, independent of location.

Using the power of being OneGroup and leveraging synergies, CDC enables transparency of resources, key skills and knowledge expansion and personal career growth opportunities’ enhancement, paired with job stability.

We are expanding the Identity and Access Management DC of the A1 Competence Delivery Center. Be part of this exciting journey! 

You will know we are the right place for you, if you are driven by:

Opportunities to learn and build your career.
Meaningful work in a stable and fast-paced company.
Diversity of people, projects, and platforms.
A supportive, fun, and inspiring place to work.

​This job can be performed by all countries within our A1 footprint.

Job purpose

We are looking for a Vulnerability Management Expert to join our Security services stream. In this role, you will be responsible for operating and optimizing our vulnerability management processes, from manual and automated scanning to supporting penetration testing activities. You’ll work closely with other security teams, SOC analysts, and mostly Cyber trust experts to ensure tests are done properly and in timly manner and vulnerabilities are detected, tracked, and remediated effectively.

Role insights:

Configure, run, and manage vulnerability scanning tools.
Participate in developing vulnerability management plan for all A1 Operational companies.
Schedule and automate vulnerability scans across various environments.
Analyse business needs and deliver on time scanns with various scopes and tacktics.
Analyze scan results, validate findings, and automate creation of actionable remediation tickets in ticketing systems.
Collaborate with GAP management team and other Group wide organizational units to ensure qualitative and timely remediation of vulnerabilities.
Develop or enhance automation scripts for scanning workflows (Python preferred).
Support penetration testing teams with pre-test reconnaissance and vulnerability scanning.
Support SOC team in cases of suspicious or ongoing incidents
Produce reports and metrics for vulnerability trends and remediation progress.
Stay up to date on the latest vulnerabilities, exploits, and scanning methodologies.

What makes you unique:

1+ years of experience in vulnerability management or similar security role.
Hands-on experience with at least one major vulnerability scanning tool.
Strong understanding of vulnerability lifecycle management.
Scripting skills (Python preferred) for automation tasks, are considered as plus.
Familiarity with ticketing and workflow tools.
Knowledge of networking fundamentals, operating systems, and common security flaws (OWASP, CVEs, CVSS scoring).
Ability to interpret scan results and communicate risks clearly to technical and non-technical stakeholders.
Experience in integrating vulnerability tools with SIEM/SOAR platforms, and Ticketing systems is considered as a plus.
Familiarity with cloud environments (AWS, Azure, GCP) vulnerability scanning is considered as a plus.
Security certifications such as CompTIA Security+, CEH, or similar are considered as a plus.

Our gratitude for the job done will be eternal, but we’ll also offer you:

Innovative technologies and platforms to “play” with;
Modern working environment for your comfort;
Friendly, ambitious, and motivated teammates to support each other;
Thousands of online and in-person learning opportunities to grow;
Challenging assignments and career development opportunities in multinational environment;
Attractive remuneration package;
Flexible working schedule and opportunity for home office;
Numerous additional goodies, including, but not limited to free A1 services, discounts, health insurance and services, sports center, childcare, team and family events, etc.

Not sure yet? See us in action in our A1 Blog.