We are looking for a Vulnerability & Exposure Management Analyst to join a mature Cyber Defense Center within a global enterprise environment.
This role sits at the core of the vulnerability lifecycle, acting as a bridge between security, infrastructure, and development teams, ensuring that identified vulnerabilities are properly prioritised, communicated, and remediated.
Rather than focusing on scanning or hands-on remediation, this position plays a key orchestration and advisory role, working closely with internal stakeholders across multiple countries.
Your responsibilities
- Manage the lifecycle of vulnerabilities and exposures:-triage, prioritisation, assignment and follow-up
- Analyse vulnerabilities across different domains:-infrastructure, web applications, and (in the future) APIsApply risk-based prioritisation using frameworks such as CVSSProvide clear and actionable remediation guidance to internal teams
- Collaborate with infrastructure, cloud and development teams to support remediation
- Act as a first point of contact for internal stakeholders, handling:-support requests-troubleshooting-clarification of findings
- Develop and maintain remediation guidelines for:-security misconfigurations (Non-CVE)-web application vulnerabilities
- Contribute to process improvements, automation and new initiatives
- Monitor and track remediation progress through dashboards and reports
- Help improve the overall vulnerability management operating model
- What we’re looking for
- Must-have5+ years of experience in Cybersecurity Operations
- Hands-on experience in Vulnerability Management / Exposure Management
- Strong understanding of:-CVEs and security misconfigurations-risk prioritisation (CVSS or similar)
- Experience across:-infrastructure environments-web applications (OWASP mindset)
- Solid understanding of:-networking, OS (Windows/Linux)
- Active Directory or IAM environments
- Strong communication skills and stakeholder management
- Experience working with ticketing systems (Jira, ServiceNow, etc.)
- Fluent English
- Nice to have
- Exposure to cloud environments (AWS, Azure, GCP)
- Knowledge of CIS benchmarks or hardening standards
- Basic scripting (Python / PowerShell)
- Familiarity with graph-based data (e.g., Neo4j)
- What makes this role different
- You will not just detect vulnerabilities — you will drive their resolution
- Highly collaborative role with strong exposure to international teams
- Opportunity to influence processes and shape how vulnerability management is done
- Potential to grow into leadership responsibilities over time
Working environment
- International and English-speaking environment
- Hybrid model (1–2 office days/week)
- Flexible schedule with high autonomy
- Occasional travel within Europe
- Compensation & benefits
- Salary: 51k-56k€ (depending on experience)
- Flexible compensation package (~3.7k net/year)
- Private health insurance
- Remote work allowance (1-2 days/week office) and flexible hours
- Wellbeing benefits
