CrawlJobs Logo

Vulnerability Management Security Engineer

adevinta.com Logo

Adevinta

Location Icon

Location:
Spain , Barcelona

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

As a Vulnerability Management Engineer, you will be a vital part of Adevinta's Information Security team. You'll manage proactive security programs, conduct in-depth technical assessments, and lead strategic security planning sessions. Your responsibilities will include driving automation initiatives for security processes, integrating advanced security tools, and leveraging threat intelligence to enhance our defensive capabilities. You will be key in ensuring that Adevinta's security strategy covers industry-relevant security standards, leaving no gaps open to be exploited. The Vulnerability Management team is part of the Information Security department, where you'll collaborate closely with other services such as Secure Product Lifecycle, Incident Response and Governance. You may also be called on to interact with product development teams to help them secure their products.

Job Responsibility:

  • You will conduct and manage bug bounty programs, perform and manage penetration testing, and lead threat modelling sessions
  • You will automate internal flows for security data aggregation
  • You will integrate security tools by automated means
  • You will automate the handling of threat intelligence and environment data in order to enhance security controls
  • You will ensure our assets are properly reporting events to the SIEM, and support the definition of rules for generating alerts
  • You will support the other Infosec teams as a subject-matter expert
  • You may be required to travel occasionally, mainly inside the EU, to our main hubs
  • You will have the possibility of being on-call

Requirements:

  • You have a hacker mindset, an open mindset, with technical skills and a passion for security
  • You have strong analytical and problem-solving skills, with the ability to synthesise complex data into actionable insights
  • You recognize the need for automation to handle problems at scale, and you can implement that automation
  • You are proficient in cloud operations, particularly in AWS but ideally also in GCP
  • You have excellent fundamental knowledge of network, protocol, system and application security, as well as of the industry-standard strategies and frameworks that apply
  • You have software development skills and database knowledge
  • You have excellent communication and interpersonal skills, with the ability to build relationships and influence others
  • You deal with problems by taking ownership and by collaborating with others
  • You are fluent in English (spoken and written)
  • You are comfortable in a multicultural environment

Nice to have:

  • Proficiency in threat modelling
  • Proficiency on Secure Development Lifecycle principles
  • Experience with cloud security services like AWS GuardRails, SCPs, Security Groups, IAM, WAF
  • Notions of incident response
  • Public or private presentations
  • Open source contributor
  • Participation in conferences and training
  • Certifications
  • Membership in bug bounty programs, CTF player or member of ethical hacking communities, recognition in the Hall of Fame, CVE mentions or vulnerability reporter
What we offer:
  • An attractive Base Salary
  • Participation in our Short Term Incentive plan (annual bonus)
  • Work From Anywhere: Enjoy up to 20 days a year of working from anywhere
  • A 24/7 Employee Assistance Program for you and your family

Additional Information:

Job Posted:
January 04, 2026

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
Adevinta - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Vulnerability Management Security Engineer

Senior Backend Engineer (Golang) Security & Vulnerability Management

Endor Labs is on a mission to enhance developer productivity and accelerate open...
Location
Location
India , Bengaluru
Salary
Salary:
Not provided
https://www.endorlabs.com Logo
Endor Labs
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in engineering with 6-8 years of experience building scalable backends for product/SaaS companies
  • At least 3-years experience in Golang programming with a focus on microservices/distributed architecture
  • Triaging, prioritizing and resolving vulnerabilities reported for containers and application-level dependencies, as well as solid knowledge of common standards in this space, e.g., CVE, CVSS, OVAL or PURL
  • Using two or more package managers of different ecosystems (e.g., Java/Maven, Node.js/npm or Debian/APT) for pulling and publishing artifacts, esp. in combination with company-internal registries, plus an understanding of their respective dependency specification formats, resolution algorithms and versioning conventions/formats
  • Practical experience in designing APIs with one or more frameworks (gRPC [preferred], ReST, GraphQL, Thrift, etc.)
  • Ability to build and design technical solutions from scratch and your code and documentation can be used as an example for coding best practices at Endor
  • Scalable Distributed System Experience - understand micro-services and domain-driven design, load balancing, horizontal/vertical scaling, and stateless architectures
  • Architecture - knowledge of data structures and a keen eye for building architectures that scale and extend easily for longevity
  • Apply data-driven techniques to evaluate and propose architectural choices
  • Ability to discuss tradeoffs between architecture’s choice to influence groups to move in the right direction
Job Responsibility
Job Responsibility
  • Architect and build the core backend infrastructure for SaaS products
  • Design, architect, and build features end-to-end while working closely with Product Management and the engineering team
  • Ensure scalability, reliability, and performance of systems
  • Drive innovation, make critical architectural decisions, and lead the implementation of cutting-edge technologies
  • Troubleshoot distributed systems and solve root causes.
  • Fulltime
Read More
Arrow Right

Cyber Security Engineer

Cyber Security Engineer position at Sopra Steria, a major Tech player in Europe ...
Location
Location
India , Noida
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Governance - Security Operational Tasks support & governance. Compliance and Risk Management
  • Vulnerability Management - vulnerability (infra and app) scans and remediation plans
  • SMP (Security Management Plan) - preparing, reviewing and managing
  • Authorisation management - should have managed the accounts & controls in the Infra scope
  • Security Patch management - end-to-end coordination and implementation
  • Security product management - Antivirus Management, like TrendMicro, Defender, etc...
  • Security incident management - Managing the end-to-end security incident lifecycle with corrective measures
  • Audit support - support auditors' mandate on the security system and artefacts
  • Mitigation - thinking analytically and executing efficiently. Analyse and optimise orchestration and automation between security tools
  • Vendor Management, Collaboration, Facilitation - Excellent customer-facing skills and significant experience building strong client relationships
What we offer
What we offer
  • Commitment to fighting against all forms of discrimination
  • Inclusive and respectful work environment
  • Open to people with disabilities
  • Fulltime
Read More
Arrow Right

Security Engineering Manager

Corporate Tools is looking for a Security Engineering Manager who eats vulnerabi...
Location
Location
Salary
Salary:
185000.00 USD / Year
corporatetools.com Logo
Corporate Tools
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • BS in Computer Science or equivalent experience
  • 5+ years building and securing software — hands‑on experience with web frameworks (Rails, Django, Node, etc.) and modern architectures
  • Proven application security expertise: secure SDLC, OWASP, threat modeling, exploit mitigation, and vulnerability remediation
  • Experience leading security or engineering teams — setting strategy, running scrums, conducting reviews, and mentoring talent
  • Strong knowledge of cloud environments (AWS, Azure, GCP) and securing databases (SQL/NoSQL) in production
  • Exposure to offensive and defensive security practices — red team, blue team, or incident response experience a plus
  • Ability to communicate risk and solutions to execs, engineers, and auditors — respected by hackers and trusted by leadership
  • Pragmatic mindset: knows when to enable speed, when to block, and how to automate guardrails to keep teams fast and safe
Job Responsibility
Job Responsibility
  • Lead 6 security engineers across three specialized teams: Red (offense), Blue (defense), and Orange (compliance)
  • Own the security strategy and execution for offensive testing, defensive monitoring, and compliance work — ensuring all three disciplines are aligned
  • Act as the technical anchor for the teams: review code, guide exploits, drive secure architecture decisions, and mentor engineers
  • Partner with product and engineering leads to embed security into development (threat modeling, secure coding, CI/CD guardrails)
  • Build internal security tools and automation that make it easier for product teams to ship securely
  • Oversee red team engagements and turn findings into actionable fixes, not just reports
  • Manage defensive capabilities — incident response, detection engineering, monitoring — and continually improve them
  • Ensure compliance frameworks (SOC2, ISO, PCI, etc.) are met without slowing innovation or creating unnecessary bureaucracy
  • Set a high technical bar: coach, mentor, and challenge engineers to pursue elegant, practical security solutions
  • Balance being a builder and a leader: stay hands‑on enough to earn respect from hackers, but prioritize leading and scaling the team’s impact
What we offer
What we offer
  • 100% employer-paid medical, dental and vision for employees
  • Annual review with raise option
  • 22 days Paid Time Off accrued annually, and 4 holidays
  • After 3 years, PTO increases to 29 days. Employees transition to flexible time off after 5 years with the company—not accrued, not capped, take time off when you want
  • The 4 holidays are: New Year’s Day, Fourth of July, Thanksgiving, and Christmas Day
  • Paid Parental Leave
  • Up to 6% company matching 401(k) with no vesting period
  • Quarterly allowance
  • Use to make your remote work set up more comfortable, for continuing education classes, a plant for your desk, coffee for your coworker, a massage for yourself... really, whatever
  • Open concept office with friendly coworkers
Read More
Arrow Right

Service Delivery Manager - Managed Security

HPE Operations is our innovative IT services organization. It provides the exper...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in managed security services, cybersecurity delivery management, or IT service management
  • Proven track record of managing complex client relationships and delivering managed services
  • Experience working with Security Operations Centers (SOC) or MSSPs is highly desirable
  • Should have managed a team of Cyber Security engineers including SIEM, Vulnerability, IAM, HSM, etc
  • Experience in at least 3 of the below products is desirable: Microsoft Sentinel with Copilot, Microsoft Defender including VA, Thales HSM & Cipher Trust Manager, CyberArk PAM, Nexus Smart ID
Job Responsibility
Job Responsibility
  • Oversee the end-to-end delivery of managed security services, such as threat monitoring, incident response, vulnerability management, endpoint protection, and other cybersecurity services
  • Ensure services are delivered in compliance with Service Level Agreements (SLAs) and established security frameworks (e.g., NIST, ISO 27001)
  • Monitor and measure the performance of managed security services, identifying areas for improvement and ensuring high-quality service delivery
  • Manage and coordinate teams responsible for delivering managed security services, including security analysts, engineers, and consultants
  • Collaborate with internal teams (e.g., SOC, engineering, compliance) to ensure seamless service delivery and resolution of client issues
  • Provide leadership, guidance, and support to team members, fostering a culture of accountability and continuous improvement
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime
Read More
Arrow Right

Security Engineer II

The Security Engineer II is an individual contributor who will participate and m...
Location
Location
United States , Fountain Valley
Salary
Salary:
83940.00 - 120032.00 USD / Year
haeaus.com Logo
Hyundai AutoEver America
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s Degree in Computer Science, Information Systems, or related field, or equivalent experience
  • Minimum 3 years of IT relevant experience or equivalent combination of experience plus at least 1 year of experience performing Security Engineering/Planning/Operations, preferably with SIEM or vulnerability management
  • Experience in medium to complex computing environments, with advanced knowledge in security technologies and services
  • Hands-on experience with at least two or more of the following Enterprise Security Technologies: Network Intrusion Prevention/Detection
  • Virtual Private Networks
  • SSL, IPSec, and Site-to-Site
  • Enterprise-Class Stateful Inspection Firewalls
  • Network Access Controls in context to Identity Management
  • Windows Server OS & Desktop OS
  • Network Packet Inspection
Job Responsibility
Job Responsibility
  • Design, build, test, and deploy new security technologies, which include the development of the operational manual and run books
  • Provides technical security operations engineering services to support and update existing security systems and works to automate processes related to security implementations, monitoring, and enforcement
  • Investigates, recommends, evaluates, deploys, and integrates operational security tools (e.g., SIEM, vulnerability scanning) and techniques to enhance protection of corporate assets and infrastructure
  • Participate in technical risk assessments and security exposure analyses of systems, networks, and business applications
  • Analyzes network security elements and overall network security architectural designs to ensure secure and optimal system and network performance and cost-effectiveness
  • Oversees the installation, configuration, and supportive processes of security technologies
  • Participate in or lead the Incident Response activities
  • Interacts with internal and external clients on security operations requirements, identifies security processes, and develops strategies/solutions to security issues
  • Keeps fully abreast of trends and changing technologies as they relate to IT, Network Engineering, and Information Security fields
  • Lead or assist in periodic or ad-hoc security reports that provide relevant situational awareness to our senior stakeholders
  • Fulltime
Read More
Arrow Right

Senior Security Engineer

We are seeking a Senior Vulnerability Management Engineer to lead and enhance ou...
Location
Location
Philippines , Makati City
Salary
Salary:
Not provided
avaloq.com Logo
Avaloq
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive hands-on experience with Tenable (Tenable.io, Tenable.sc, Nessus Manager)
  • Deep technical expertise in vulnerability detection, authenticated scan engineering, and hybrid infrastructure scanning
  • Strong knowledge of networks, Windows/Linux, VMware, cloud platforms (AWS and OCI), and container ecosystems
  • Scripting and automation skills (Python, PowerShell, REST APIs)
  • Solid understanding of security frameworks: CIS Benchmarks, ISO 27001, SWIFT CSCF, CSA CCM
  • Experience in FINMA, MAS and DORA regulated financial environments (banks, insurers, securities firms)
  • Ability to communicate technical risk clearly to both engineers and senior management
  • Certifications: OCI Security Professional, Tenable Certified Engineer, CISSP
Job Responsibility
Job Responsibility
  • Lead engineering, architecture, and advanced configuration of Tenable.io / Tenable.sc / Nessus across hybrid infrastructures
  • Oversee authenticated scanning across servers, cloud workloads, network appliances, databases, and container platforms
  • Integrate Tenable with enterprise systems (CMDB, SIEM, ITSM) using APIs and scripting (Python/PowerShell)
  • Engineer cloud vulnerability coverage via connectors, agents, and container registry scans
  • Enhance detection accuracy through custom plugins, scan policy tuning, and automation pipelines
  • Provide technical leadership and guidance to remediation teams, ensuring adherence to CIS/NIST/SWIFT/ISO standards
  • Produce regulator-ready metrics, dashboards, and audit evidence for FINMA and MAS reviews
  • Contribute to security architecture, hardening initiatives, and continuous improvement of the vulnerability management program
What we offer
What we offer
  • Annual bonus
  • Flexible working
  • Instant recognition
  • Access to Udemy for professional and personal learning
  • Fulltime
Read More
Arrow Right

Product Security Engineer

At Atlassian, we're motivated by a common goal: to unleash the potential of ever...
Location
Location
United States , San Francisco
Salary
Salary:
150700.00 - 206000.00 USD / Year
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Computer Science, Cybersecurity or related field
  • 24 months of experience working as Application Security Engineer, Product Security Engineer, or Penetration Tester
  • experience in application security tooling such as BurpSuite Pro, Postman, Docker, Command Line Interface (CLI) tools, Nmap, and Metasploit
  • understanding and coding common programming languages such as Java, Python, or Go
  • penetration testing, vulnerability assessment, composing and generating vulnerability reports
  • administering and managing Jira project
  • data analysis and data visualization tooling such as Tableau and Databricks
  • code versioning tools such as Bitbucket Cloud and GitHub
  • must pass technical interview
Job Responsibility
Job Responsibility
  • Evaluate submissions from security researchers to bug bounty program, assess the impact of each vulnerability, and communicate with the researcher community to help obtain additional details that may be helpful to engineering teams as they work to remediate the issues
  • drive improvement to the policies, processes, and automation to make bug bounty programs effective and ensure to get the most accurate information about each vulnerability to the proper engineering team as quickly as possible
  • work on vulnerability management improvements on processes, policies and standards
  • make sure the company's products and services are safe and secure, the internal vulnerability management workflow is accurate and up to date
  • identify vulnerabilities at scale and help engineering teams systematically remediate them
  • work on securing open-source supply chain
  • interact with some of the world’s leading security researchers through bug bounty program
  • build cutting edge tools to help identify and remediate vulnerabilities at scale
  • work with web application security and a strong ability to work with colleagues to develop and build solutions to help us scale in order to be successful in this role
  • read and write code
What we offer
What we offer
  • health and wellbeing resources
  • paid volunteer days
  • Fulltime
Read More
Arrow Right

Product Security Engineer

The Senior Security Engineer/Threat Researcher position will be part of Aruba Th...
Location
Location
United States , Remote
Salary
Salary:
101900.00 - 234500.00 USD / Year
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • B.S. or M.S. in software engineering, computer science, cybersecurity, or a related field (or equivalent experience)
  • 7+ years of professional experience in software engineering, vulnerability research, penetration testing, or a related security discipline
  • Programming experience in C and at least one additional language used for secure software development, such as Rust, Go, or Python
  • Hands-on experience with security testing tools and techniques, such as fuzzing, reverse engineering, and exploit development frameworks (e.g., Metasploit, Immunity Debugger, Ghidra, or IDA Pro)
  • Understanding of memory-unsafe vulnerabilities, including buffer overflows, use-after-free, integer overflows, and format string vulnerabilities, as well as mitigation techniques such as ASLR, DEP, and stack canaries
  • Strong knowledge of web application security, including OWASP Top 10 vulnerabilities such as XSS, SQL injection, XXE, CSRF, and insecure deserialization
  • Familiarity with secure coding practices, threat modeling, and static and dynamic application security testing (SAST/DAST) tools
  • Knowledge of modern cryptographic algorithms and security protocols (e.g., TLS, IPsec, OAuth) and their implementation pitfalls
  • Demonstrated ability to analyze, exploit, and remediate security vulnerabilities in complex codebases
  • Strong written and verbal communication skills, with the ability to create detailed technical reports and convey complex concepts to both technical and non-technical stakeholders
Job Responsibility
Job Responsibility
  • Conduct advanced security assessments of HPE Aruba networking products, including manual code reviews and penetration testing, to uncover vulnerabilities such as memory-unsafe errors, insecure deserialization, and authentication/authorization flaws
  • Develop proofs of concept (PoCs) to demonstrate the exploitability of identified vulnerabilities and provide actionable remediation guidance to engineering teams when requested
  • Develop and maintain custom tools to assist in vulnerability discovery, exploit development, and tracking and disclosure of vulnerabilities to the public
  • Assist in managing Aruba’s bug bounty program, collaborating with external researchers and product engineering teams to triage, reproduce, and remediate reported vulnerabilities
  • Assist in writing vulnerability disclosure bulletins and managing the process of releasing those bulletins to the public
  • Serve as a subject-matter expert on secure coding practices, particularly in memory-safe and memory-unsafe programming languages, and evangelize these practices across product engineering teams
  • Conduct original security research on non-Aruba products and technologies, including discovering new vulnerabilities, publishing papers, and presenting at leading security conferences
  • Positively represent Aruba in the global security community by fostering collaboration with security researchers while balancing the goals of researchers with the needs of our customers.
What we offer
What we offer
  • Comprehensive suite of benefits that supports physical, financial, and emotional wellbeing
  • Specific programs catered to helping employees reach career goals
  • Inclusive working environment.
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy