Vitol
Vitol is an energy and commodities company with revenues of $331 billion in 2024; its primary business is the trading and distribution of energy products globally – it trades over seven million barrels per day of crude oil and products and, at any time, has 250 ships transporting its cargoes.
Vitol’s clients include national oil companies, multinationals, leading industrial companies and utilities. Founded in Rotterdam in 1966, today Vitol serves clients from some 40 offices worldwide and is invested in energy assets globally including 24mM3 of storage, 850kbpd of refining capacity, and 10,000 service stations.
To date, we have committed over $2.5 billion of capital to renewable projects and are identifying and developing low-carbon opportunities around the world.
Design, implement, and maintain security architecture for on-premises environments.
Monitor, detect, triage, and respond to security incidents and alerts end-to-end, providing L2 and L3 support; own the incident lifecycle from initial detection through containment, eradication, recovery, and post-incident review.
Operate and tune Microsoft Sentinel (SIEM/SOAR) — build detection rules, analytic queries, and automated playbooks to reduce mean time to detect and respond.
Leverage Varonis for data access governance, insider threat detection, and abnormal behaviour alerting across file systems and cloud storage.
Design, plan, and execute internal Red Team engagements — including scoping, rules of engagement, adversary simulation, and structured debrief — to validate defensive controls and identify gaps before real attackers do.
Improve and maintain the Red Team infrastructure aligned with the current threat landscape.
Operate AI/LLM-powered penetration testing tooling against Vitol's own infrastructure as part of the Red Team program, evaluating its effectiveness and contributing findings to the wider security roadmap.
Conduct offensive security assessments using industry-standard tools including Burp Suite (web application testing), BloodHound (Active Directory attack path mapping), and C2 frameworks.
Manage incidents reported by CrowdStrike Falcon (endpoint telemetry and threat intelligence) and Microsoft Defender (endpoint protection and XDR).
Perform threat hunting across endpoint, network, and cloud telemetry; develop and refine threat hunt hypotheses based on current threat intelligence.
Implement and manage identity and access management solutions, with particular attention to privileged access and lateral movement vectors identified through Red Team activity.
Develop and maintain security documentation including Red Team playbooks, IR runbooks, and lessons-learned reports.
Highly responsive, energetic, and enthusiastic.
Strong analytical skills, attention to detail, and ability to work in a high-pressure environment.
Capable of prioritizing tasks and meeting critical deadlines.
Ready to work extended hours when required.
Can work independently and report to the CISO.
Excellent judgment, attention to detail.
Solution and results oriented.
Team player, with an open, non-political style and a high level of personal integrity.
Verified Listing
This role has been verified for authenticity, market-rate compensation, and remote eligibility.