Lead Risk & Vulnerability Management Engineer
Brak informacji o wynagrodzeniu
SeniorFull-time·B2B
#386374·Dodano dziś·0
Źródło: ExperisTech Stack / Keywords
ITILSIEMCybersecuritySecuritySOLIDITSMServiceNow
Firma i stanowisko
Experis to światowy lider rekrutacji specjalistów i kadry zarządzającej w kluczowych obszarach IT. Z nami znajdziesz konkurencyjne oferty zatrudnienia oraz ciekawe projekty IT skierowane zarówno do ekspertów z wieloletnim doświadczeniem, jak i osób, które dopiero zaczynają swoją przygodę w branży IT.
Wymagania
- 8+ years of hands-on experience in cybersecurity, vulnerability management, or risk management
- Proven experience operating at Tier 3/4 level, handling complex escalations and advanced technical scenarios
- Demonstrated track record of building and operationalizing managed security services with a strong delivery focus
- Strong hands-on experience with vulnerability management platforms such as Tenable, Qualys, Rapid7, or similar solutions
- Deep understanding of risk-based vulnerability prioritization methodologies, including CVSS, EPSS, and threat intelligence integration
- Solid understanding of SOC workflows, SIEM environments, and ITSM/ITOM platforms
- Experience with ServiceNow, particularly ITOM, SecOps, or Vulnerability Response modules, is highly preferred
- Experience translating service requirements into operational processes, delivery models, runbooks, and procedures
- Strong knowledge of ITIL and service management principles
- Proven ability to deliver standardized, scalable, and repeatable managed services
- Experience with SOAR platforms and workflow automation solutions
- Ability to design and drive automation-first approaches that increase efficiency and reduce manual effort
- Strong stakeholder engagement skills across Product Management, SOC, and Delivery teams
- Ability to operate as a Delivery SME, effectively bridging strategy and execution
- Excellent communication and collaboration skills
- Experience engaging customer stakeholders and internal leadership teams
- Strong problem-solving skills and the ability to operate effectively within complex enterprise environments
Preferred Certifications:
- CISSP, CISM, or CISA, particularly in the areas of security governance and risk management
- GIAC certifications such as GSEC, GPEN, or GCIA
- Vendor-specific certifications related to Tenable, Qualys, ServiceNow, or similar technologies
Obowiązki
Service Design & Delivery Readiness:
- Translate product and service requirements into operational designs, including processes, tooling integrations, and delivery models
- Define delivery frameworks, SLAs, KPIs, and reporting models aligned with scalable managed services execution
- Partner with Product Management to operationalize defined service capabilities, ensuring feasibility, consistency, supportability, and delivery readiness
- Define ownership models (RACI) and support audit and compliance requirements
- Account for OT-specific constraints where patching is not feasible and define appropriate risk management approaches
- Translate vulnerability data into business risk insights and executive-level decision support
Service Launch & Operationalization:
- Lead service implementation and rollout activities from a delivery perspective
- Define and implement operational processes aligned with ITIL best practices where applicable
- Drive integration of vulnerability scanners, ITOM platforms, SIEM solutions, and ticketing systems
- Develop and maintain runbooks, playbooks, and standard operating procedures (SOPs)
- Ensure operational readiness across SOC and Delivery teams through training, knowledge transfer, and structured handoffs
- Drive standardization and repeatability of service delivery across multiple customers and environments
Stakeholder Collaboration:
- Work closely with Product Management, which owns the service definition and roadmap
- Collaborate with SOC teams to ensure execution alignment and effective escalation models
- Partner with Delivery teams responsible for day-to-day service execution
- Serve as a Tier 3/4 technical escalation point for complex risk and vulnerability management scenarios
- Engage effectively with customer stakeholders, internal leadership, and cross-functional teams
Automation & Continuous Improvement:
- Drive automation initiatives to improve delivery efficiency, scalability, and operational effectiveness
- Develop and enhance workflow automation capabilities
- Implement and improve risk prioritization logic and decision-making processes
- Create and optimize reporting capabilities and operational dashboards
- Identify opportunities to reduce manual effort and improve consistency across service delivery
- Promote an automation-first approach to service operations and continuous improvement
Benefity
- Multisport card
- Private healthcare (Medicover)
- Access to an e learning platform
- Group life insurance
Karta sportowa
Opieka zdrowotna
Ubezpieczenie
Inne informacje
Remote work model with occasional visits to the client’s office in Katowice (approximately 3–4 days per month)
Experis
329 aktywnych ofert