CrawlJobs Logo
Adevinta Logo Adevinta · IT - Software Development

Vulnerability Management Tech Lead

Spain, Barcelona · Job Posted March 20, 2026
Apply Position
Job Link Share

Job Description

As a Vulnerability Management Tech Lead, you will provide senior technical leadership for Adevinta’s Vulnerability Management Team (VulMa). You will define and evolve the technical architecture, drive complex integrations and automation at scale, and act as the primary technical reference for the most challenging vulnerabilities. You will combine hands-on engineering with strategic technical influence: architecting solutions, mentoring engineers, shaping technical standards and ensuring our Vulnerability Management System (VMS) is robust, observable and aligned with Adevinta’s security objectives.

Job Responsibility

  • Define and evolve the technical vision and architecture for the VMS, translating product and security strategy into a coherent, scalable engineering roadmap
  • Design and deliver complex integration and automation patterns across the vulnerability ecosystem, including secure API designs, reusable service-account and credential patterns, resilient CI/CD pipelines, canonical data schemas and platform observability
  • Operate and improve the VMS end-to-end: maintain asset inventories, author and maintain automations for ingestion and remediation, coordinate validations and retests, tune detection and triage flows, and produce operational runbooks and SLAs that ensure reliability
  • Lead high-impact technical initiatives and remove technical roadblocks for the team
  • Plan, execute and evaluate internal penetration tests and red-team exercises — defining scope and success criteria, performing senior-level assessments to validate controls and detection/response, driving root-cause analysis into durable remediations with clear verification criteria, and mentoring engineers to improve testing and response
  • Act as the technical authority on complex vulnerability investigations, threat modelling, countermeasure validation and red-team exercises, providing senior-level analysis and remediation guidance
  • Mentor and coach engineers — raising technical standards through design reviews, code review feedback, shared libraries and platform patterns — while contributing significant hands-on code and automation
  • Own the technical approach to telemetry and detection engineering: define data contracts, ensure event quality, guide detection rule design and measure detection efficacy
  • Perform vendor and platform evaluations from a technical perspective: define evaluation criteria, run proof-of-concepts, validate operational fit and advise procurement with technical recommendations
  • Define the VMS measurement model and lead technical efforts that deliver high-quality dashboards and signals (coverage, time-at-risk, remediation MTTR, noise, detection quality) used by security leadership
  • Represent the technical voice of Vulnerability Management in cross-functional architecture reviews and be a pragmatic technical partner to Cloud Defense, Incident Response, Governance and product engineering teams

Requirements

  • A senior engineer with proven technical leadership in production security systems or closely related infrastructure services
  • An experienced systems thinker: you design resilient, observable and scalable architectures and can evaluate tradeoffs between reliability, cost and speed of delivery
  • Hands-on and fluent in implementing secure integration patterns, APIs, service-account architectures, CI/CD automation and production-grade orchestration
  • you write and review production code and automation confidently
  • Deeply versed in vulnerability management, detection engineering and incident response at scale: you understand scanning workflows, threat modelling, validation and remediation pipelines
  • Strong in cloud security and operations across public cloud environments and familiar with identity & access constructs, org-level guardrails and secure account architectures
  • Skilled at translating complex telemetry into detection logic and measurable detection KPIs
  • Experienced in partnership and influence: you can drive technical change across multiple teams, present complex technical tradeoffs clearly, and gain alignment without direct authority
  • A mentor who raises the bar for delivery quality through design reviews, documentation and reusable engineering patterns
  • Metrics-driven and comfortable owning technical success criteria, dashboards and SLAs for operational systems
  • Fluent in English (spoken and written)
  • Comfortable in a multicultural environment

Nice to have

  • Practical experience in threat modelling and translating models into mitigations and testable countermeasures
  • Practical experience implementing Secure Development Lifecycle (SDL) practices and developer enablement
  • Practical incident-response experience (IR playbooks, tabletop exercises, coordinating investigations and post-incident remediations)
  • Hands-on experience with supply-chain and dependency management (creating and consuming SBOMs, automated dependency scanning and remediation)
  • Proven experience planning and evaluating internal penetration tests and red-team exercises
  • Active participation in security communities or recognised vulnerability work (bug-bounty programs, CTFs, open-source contributions, CVEs or Hall-of-Fame recognition)
  • Relevant industry certifications or advanced formal training

What we offer

  • An attractive Base Salary
  • Participation in our Short Term Incentive plan (annual bonus)
  • Work From Anywhere: Enjoy up to 20 days a year of working from anywhere
  • A 24/7 Employee Assistance Program for you and your family
Adevinta - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Vulnerability Management Tech Lead

8 matching positions

Vulnerability Management Tech Lead

As a Vulnerability Management Tech Lead, you will provide senior technical leade...
Location
Location
Spain , Barcelona
Salary
Salary:
Not provided
adevinta.com Logo
Adevinta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A senior engineer with proven technical leadership in production security systems or closely related infrastructure services
  • An experienced systems thinker: you design resilient, observable and scalable architectures and can evaluate tradeoffs between reliability, cost and speed of delivery
  • Hands-on and fluent in implementing secure integration patterns, APIs, service-account architectures, CI/CD automation and production-grade orchestration
  • you write and review production code and automation confidently
  • Deeply versed in vulnerability management, detection engineering and incident response at scale: you understand scanning workflows, threat modelling, validation and remediation pipelines
  • Strong in cloud security and operations across public cloud environments and familiar with identity & access constructs, org-level guardrails and secure account architectures
  • Skilled at translating complex telemetry into detection logic and measurable detection KPIs
  • Experienced in partnership and influence: you can drive technical change across multiple teams, present complex technical tradeoffs clearly, and gain alignment without direct authority
  • A mentor who raises the bar for delivery quality through design reviews, documentation and reusable engineering patterns
  • Metrics-driven and comfortable owning technical success criteria, dashboards and SLAs for operational systems
Job Responsibility
Job Responsibility
  • Define and evolve the technical vision and architecture for the VMS, translating product and security strategy into a coherent, scalable engineering roadmap
  • Design and deliver complex integration and automation patterns across the vulnerability ecosystem, including secure API designs, reusable service-account and credential patterns, resilient CI/CD pipelines, canonical data schemas and platform observability
  • Operate and improve the VMS end-to-end: maintain asset inventories, author and maintain automations for ingestion and remediation, coordinate validations and retests, tune detection and triage flows, and produce operational runbooks and SLAs that ensure reliability
  • Lead high-impact technical initiatives and remove technical roadblocks for the team
  • Plan, execute and evaluate internal penetration tests and red-team exercises — defining scope and success criteria, performing senior-level assessments to validate controls and detection/response, driving root-cause analysis into durable remediations with clear verification criteria, and mentoring engineers to improve testing and response
  • Act as the technical authority on complex vulnerability investigations, threat modelling, countermeasure validation and red-team exercises, providing senior-level analysis and remediation guidance
  • Mentor and coach engineers — raising technical standards through design reviews, code review feedback, shared libraries and platform patterns — while contributing significant hands-on code and automation
  • Own the technical approach to telemetry and detection engineering: define data contracts, ensure event quality, guide detection rule design and measure detection efficacy
  • Perform vendor and platform evaluations from a technical perspective: define evaluation criteria, run proof-of-concepts, validate operational fit and advise procurement with technical recommendations
  • Define the VMS measurement model and lead technical efforts that deliver high-quality dashboards and signals (coverage, time-at-risk, remediation MTTR, noise, detection quality) used by security leadership
What we offer
What we offer
  • An attractive Base Salary
  • Participation in our Short Term Incentive plan (annual bonus)
  • Work From Anywhere: Enjoy up to 20 days a year of working from anywhere
  • A 24/7 Employee Assistance Program for you and your family
  • A range of locally relevant benefits
  • Fulltime
Read More
Arrow Right

Vulnerability Management Tech Lead

As a Vulnerability Management Tech Lead, you will provide senior technical leade...
Location
Location
Spain , Barcelona
Salary
Salary:
Not provided
adevinta.com Logo
Adevinta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A senior engineer with proven technical leadership in production security systems or closely related infrastructure services
  • An experienced systems thinker: you design resilient, observable and scalable architectures and can evaluate tradeoffs between reliability, cost and speed of delivery
  • Hands-on and fluent in implementing secure integration patterns, APIs, service-account architectures, CI/CD automation and production-grade orchestration
  • you write and review production code and automation confidently
  • Deeply versed in vulnerability management, detection engineering and incident response at scale: you understand scanning workflows, threat modelling, validation and remediation pipelines
  • Strong in cloud security and operations across public cloud environments and familiar with identity & access constructs, org-level guardrails and secure account architectures
  • Skilled at translating complex telemetry into detection logic and measurable detection KPIs
  • Experienced in partnership and influence: you can drive technical change across multiple teams, present complex technical tradeoffs clearly, and gain alignment without direct authority
  • A mentor who raises the bar for delivery quality through design reviews, documentation and reusable engineering patterns
  • Metrics-driven and comfortable owning technical success criteria, dashboards and SLAs for operational systems
Job Responsibility
Job Responsibility
  • Define and evolve the technical vision and architecture for the VMS, translating product and security strategy into a coherent, scalable engineering roadmap
  • Design and deliver complex integration and automation patterns across the vulnerability ecosystem, including secure API designs, reusable service-account and credential patterns, resilient CI/CD pipelines, canonical data schemas and platform observability
  • Operate and improve the VMS end-to-end: maintain asset inventories, author and maintain automations for ingestion and remediation, coordinate validations and retests, tune detection and triage flows, and produce operational runbooks and SLAs that ensure reliability
  • Lead high-impact technical initiatives and remove technical roadblocks for the team
  • Plan, execute and evaluate internal penetration tests and red-team exercises — defining scope and success criteria, performing senior-level assessments to validate controls and detection/response, driving root-cause analysis into durable remediations with clear verification criteria, and mentoring engineers to improve testing and response
  • Act as the technical authority on complex vulnerability investigations, threat modelling, countermeasure validation and red-team exercises, providing senior-level analysis and remediation guidance
  • Mentor and coach engineers — raising technical standards through design reviews, code review feedback, shared libraries and platform patterns — while contributing significant hands-on code and automation
  • Own the technical approach to telemetry and detection engineering: define data contracts, ensure event quality, guide detection rule design and measure detection efficacy
  • Perform vendor and platform evaluations from a technical perspective: define evaluation criteria, run proof-of-concepts, validate operational fit and advise procurement with technical recommendations
  • Define the VMS measurement model and lead technical efforts that deliver high-quality dashboards and signals (coverage, time-at-risk, remediation MTTR, noise, detection quality) used by security leadership
What we offer
What we offer
  • An attractive Base Salary
  • Participation in our Short Term Incentive plan (annual bonus)
  • Work From Anywhere: Enjoy up to 20 days a year of working from anywhere
  • A 24/7 Employee Assistance Program for you and your family
  • A range of locally relevant benefits
  • Fulltime
Read More
Arrow Right
New

Senior Java Tech Lead

We are seeking a highly skilled and experienced Senior Java Developer to join ou...
Location
Location
India , Chennai
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience: 7+ years of professional experience in Java development
  • Java Core: Strong proficiency in Java and its ecosystem, with a deep understanding of object-oriented programming, design patterns, and data structures
  • Backend Services: Extensive experience in developing and deploying scalable and high-performance backend services
  • Data Distribution/Caching: Proven experience with data distribution technologies like Kafka and in-memory data grids/caching solutions such as Apache Ignite, VMware GemFire, or similar
  • Database Technologies: Strong understanding and hands-on experience with relational databases (e.g., PostgreSQL, Oracle, SQL Server) and/or NoSQL databases (e.g., MongoDB, Cassandra)
  • Kubernetes & Docker: Hands-on experience with Docker for containerization and Kubernetes for container orchestration and deployment
  • Multithreading: Expert-level knowledge and practical experience with Java multithreading and concurrency concepts
  • Security: Strong understanding of application security principles, secure coding practices, and experience implementing security measures
  • Unit Testing: Experience with unit testing frameworks and practices (e.g., JUnit, Mockito)
  • Troubleshooting & Support: Excellent problem-solving skills with a strong ability to provide L3 support and troubleshoot complex production issues
Job Responsibility
Job Responsibility
  • Design, develop, and implement high-performance Java backend services for the data platform, focusing on efficient data distribution using Kafka and advanced caching mechanisms utilizing technologies like Apache Ignite, VMware GemFire, or similar in-memory data grids
  • Maintain, enhance, and optimize existing Java services and the data platform, ensuring scalability, reliability, and low latency
  • Implement solutions using containerization technologies such as Docker and orchestration with Kubernetes
  • Apply advanced multithreading techniques to develop highly concurrent and responsive applications
  • Ensure the security of applications and data by implementing secure coding practices and adhering to security standards
  • Collaborate with architects, product managers, and other developers to understand requirements and translate them into technical solutions
  • Participate in the entire software development lifecycle, including requirements gathering, design, coding, testing, deployment, and support
  • Conduct code reviews to ensure code quality, maintainability, and adherence to best practices
  • Provide L3 support for production issues, including root cause analysis and timely resolution
  • Participate in a rotational schedule for lower environment support, ensuring smooth operations and stability
  • Fulltime
Read More
Arrow Right
New

Apps Sup Tech Lead Analyst, Vice President

The Apps Sup Tech Lead Analyst is a strategic professional who stays abreast of ...
Location
Location
Hong Kong SAR , Kowloon
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6-10 years experience
  • Practical problem solving and strategic thinking skills
  • Demonstrated leadership, interpersonal skills and relationship building skills
  • Service oriented attitude
  • Ability to work in a fast-paced environment
  • Experience working or leading requirement gathering efforts for multiple large development projects at one-time
  • Proficient using basic technical tools and systems
  • Good interpersonal and communication skills
  • Bachelor’s/University degree, Master’s degree preferred
Job Responsibility
Job Responsibility
  • Partner with multiple technology teams to ensure appropriate integration of functions to meet goals
  • Identify and define necessary system enhancements
  • Analyze existing system logic, identify problems
  • Recommend and implement solutions
  • Formulate and define systems scope and objectives for complex, high impact application enhancements and problem resolution
  • Partner with multiple technology areas and management teams to ensure appropriate integration of functions to meet goals
  • Work closely with Product Owners, Business Analysts and Systems Analysts to determine and document Systems impacts and support requirements
  • Consider the implications of the application of technology to the current environment
  • Identify risks, vulnerabilities and security issues
  • Communicate impact
  • Fulltime
Read More
Arrow Right

Cyber Security Compliance Tech. Lead

Conduct regular cybersecurity assessments and audits for Vodafone Cash and other...
Location
Location
Egypt , Giza
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Certifications in cybersecurity (e.g., CISSP, CISM, CISA, ISO27001)
  • Very good knowledge with PCI_DSS
  • Experience in the fintech industry, with a focus on mobile money services at least 2 years
  • Knowledge of specific fintech products and services, including mobile wallets and payment systems
  • Reporting & project management skills is a plus
  • Good grasp of mobile network security and vulnerabilitie
  • Bachelor’s degree in engineering, or computer science
  • Strong understanding of cybersecurity frameworks and standards (e.g., ISO 27001, PCI-DSS, NIST Cybersecurity Framework)
  • In-depth knowledge of cybersecurity threats, vulnerabilities, and countermeasures
  • Proficiency in cybersecurity tools and technologies
Job Responsibility
Job Responsibility
  • Conduct regular cybersecurity assessments and audits for Vodafone Cash and other fintech products
  • Develop and implement cybersecurity policies, procedures, and controls specific to mobile money services
  • Monitor and report on cybersecurity metrics and KPIs for Vodafone Cash and other fintech products
  • Risk Management for cash & fintech products
  • Identify, assess, and mitigate cybersecurity risks associated with Vodafone Cash and other fintech products
  • Develop and implement cybersecurity risk management frameworks and strategies
  • Conduct threat and vulnerability assessments for Vodafone Cash and other fintech products
  • Ensure the implementation of data protection measures, including data encryption, access controls, and data loss prevention
  • Assess the cybersecurity posture of third-party vendors and partners involved in Vodafone Cash and other fintech products
  • Follow up on cybersecurity risks associated with third-party relationships
  • Fulltime
Read More
Arrow Right

Apps Sup Tech Lead Analyst

The Apps Sup Tech Lead Analyst is a strategic professional who stays abreast of ...
Location
Location
Hong Kong SAR , Kowloon
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6-10 years experience
  • Practical problem solving and strategic thinking skills
  • Demonstrated leadership, interpersonal skills and relationship building skills
  • Service oriented attitude
  • Ability to work in a fast-paced environment
  • Experience working or leading requirement gathering efforts for multiple large development projects at one-time
  • Proficient using basic technical tools and systems
  • Good interpersonal and communication skills
  • Bachelor’s/University degree
Job Responsibility
Job Responsibility
  • Partner with multiple technology teams to ensure appropriate integration of functions to meet goals
  • Identify and define necessary system enhancements
  • Analyze existing system logic, identify problems
  • and recommend and implement solutions
  • Provide expertise in area and an advanced level of understanding of the principles of apps support
  • Formulate and define systems scope and objectives for complex, high impact application enhancements and problem resolution
  • Partner with multiple technology areas and management teams to ensure appropriate integration of functions to meet goals
  • Work closely with Product Owners, Business Analysts and Systems Analysts to determine and document Systems impacts and support requirements
  • Consider the implications of the application of technology to the current environment
  • Identify risks, vulnerabilities and security issues
  • Fulltime
Read More
Arrow Right

Application Development Tech Lead Analyst -Vice President

Location
Location
India , Pune
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience with server operating systems (e.g., RHEL)
  • Must-have proficiency in scripting languages including PowerShell, Shell scripting, and Python, and automation tools such as Ansible
  • Required experience with cloud platforms (e.g., LightSpeed, ECScloud, Kubernetes, OpenShift, managing Pods)
  • Experience with SRE tools such as ELK Stack (Elasticsearch, Logstash, Kibana)
  • Knowledge of application monitoring tools (e.g., AppDynamics)
  • Experience with WebLogic, JDK/JRE, and Tomcat
  • Understanding of SSL certificate management
  • Strong troubleshooting and problem-solving skills, particularly for SFTP and middleware-related issues
  • Ability to work with data points for analysis and decision-making
  • Familiarity with disaster recovery and business continuity processes (PROB & COB)
Job Responsibility
Job Responsibility
  • Partner with multiple management teams to ensure appropriate integration of functions to meet goals as well as identify and define necessary system enhancements to deploy new products and process improvements
  • Resolve variety of high impact problems/projects through in-depth evaluation of complex business processes, system processes, and industry standards
  • Perform regular updates and patching of server operating systems (e.g., RHEL 7 to RHEL 8), applications, web servers, and middleware to maintain cyber hygiene and security
  • Ensure comprehensive backup strategies are in place for all files and folders before any system upgrade, guaranteeing quick restoration capabilities
  • Implement and enforce strict access controls for application team members, adhering to Citi standards for vulnerability remediation and security effectiveness
  • Manage and perform Quarterly WebLogic CPU Patching
  • Execute JDK/JRE, AppDynamics, and Tomcat upgrades as required
  • Oversee SSL installation and renewal for ICGA and Essbase applications to ensure secure communication
  • Provide stable and consistent baseline support for allocated applications, minimizing disruptions through streamlined routine tasks and proactive planning
  • Provide engineering support including monitoring applications, services, logs, performance, and issues to facilitate faster issue resolution
  • Fulltime
Read More
Arrow Right

Applications Support Tech Lead Analyst

Location
Location
India , Chennai
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6-10 years experience
  • Practical problem solving and strategic thinking skills
  • Demonstrated leadership, interpersonal skills and relationship building skills
  • Service oriented attitude
  • Ability to work in a fast-paced environment
  • Experience working or leading requirement gathering efforts for multiple large development projects at one-time
  • Proficient using basic technical tools and systems
  • Good interpersonal and communication skills
  • Bachelor’s/University degree
  • Master’s degree preferred
Job Responsibility
Job Responsibility
  • Partner with multiple technology teams to ensure appropriate integration of functions to meet goals
  • Identify and define necessary system enhancements
  • Analyze existing system logic, identify problems
  • Recommend and implement solutions
  • Provide expertise in area and an advanced level of understanding of the principles of apps support
  • Formulate and define systems scope and objectives for complex, high impact application enhancements and problem resolution
  • Document requirements
  • Partner with multiple technology areas and management teams to ensure appropriate integration of functions to meet goals
  • Work closely with Product Owners, Business Analysts and Systems Analysts to determine and document Systems impacts and support requirements
  • Consider the implications of the application of technology to the current environment
  • Fulltime
Read More
Arrow Right