Senior Vulnerability Management Specialist

About Us

ERGO Technology & Services S.A. (ET&S S.A.) was established in January 2021 following the integration of ERGO Digital IT and Atena into one entity, leveraging both companies’ strengths and best practices. As a part of ERGO Technology & Services Management AG, the technology holding of ERGO Group AG, we support millions of internal and external customers with state-of-the-art IT solutions to everyday problems.

In October 2022, ET&S S.A. expanded its scope of operations by creating a Business Services unit to contribute in a new way to the growth of ERGO’s business. Acting as a co-partner and internal consultant, it adds non-IT value and supports the development of the entire ERGO Group, currently offering skills in reporting, analysis, actuarial, and input management. We are committed to fostering innovation and meeting the evolving needs of our clients worldwide.

Discover how we implement AI, IoT, Voice Recognition, Big Data science, advanced mobile solutions, and business-related services to anticipate and address our customers’ future needs.

About the role

In this position, you will participate in building a Global Vulnerability Management program. You will be controlling and maintaining the scanning infrastructure and related tools to provide accurate data to the vulnerability management processes. Consolidating data from various platforms and sources, you will assess and track potential cyber threats associated with security vulnerabilities, coordinate response and remediation efforts, as well as work on automating and simplifying the whole process. Working within a multinational team, you will create and implement operational processes, identify threats and security gaps, and collaborate with professionals from other Security areas to develop measures to protect the company’s information.

How you will get the job done

• facilitating and coordinating vulnerability assessment and scanning
• analyzing assessment results and threat feeds to properly react to security weaknesses or vulnerabilities
• collaborating, coordinating, monitoring, and supporting activities in the areas of the VM program
• maintaining control of scanning VM hardware, systems, and application software, performing upgrades and other maintenance activities for scanning infrastructure and related tools
• deploying new scanning infrastructure/tools and supporting solutions
• automating processes through scripting and providing API support/integration
• maintaining technical documentation of the VM program including requirements, architecture designs, network topology, applications, and application security designs
• collaborating on and providing VM results and metrics for consistent reporting for governance purposes – VM metrics, key risk indicators, trending, and compliance
• providing input, helping prepare and update VM roadmap, developing, maintaining, and publishing project plans and operational schedules
• helping to develop a long-term VM strategy that will address global information security needs (current state, gaps, and opportunities)

Skills and experience you will need

• fluency in English
• proven experience in the IT security field, e.g. vulnerability management, security operations, security engineering
• high analytical skills to identify and troubleshoot complex problems
• knowledge of IT service management processes (ITIL certification is a plus)
• ability to work in a multinational and complex environment
• excellent team-working skills and a “can do, let’s get it done” attitude is crucial
• strong interpersonal skills to enable effective interaction with technical and non-technical teams
• minimum of 5 years of experience working in a high-performance team conducting vulnerability management
• knowledge of scanning and vulnerability analysis tools (Tenable/Qualys) 
• knowledge and experience in administering IT components (systems, networks, servers)

Nice to have

• German language proficiency