Vulnerability Management Specialist

About Us

ERGO Technology & Services S.A. (ET&S S.A.) was established in January 2021 following the integration of ERGO Digital IT and Atena into one entity, leveraging both companies’ strengths and best practices. As a part of ERGO Technology & Services Management AG, the technology holding of ERGO Group AG, we support millions of internal and external customers with state-of-the-art IT solutions to everyday problems.

In October 2022, ET&S S.A. expanded its scope of operations by creating a Business Services unit to contribute in a new way to the growth of ERGO’s business. Acting as a co-partner and internal consultant, it adds non-IT value and supports the development of the entire ERGO Group, currently offering skills in reporting, analysis, actuarial, and input management. We are committed to fostering innovation and meeting the evolving needs of our clients worldwide.

Discover how we implement AI, IoT, Voice Recognition, Big Data science, advanced mobile solutions, and business-related services to anticipate and address our customers’ future needs.

About the role

In this position, you will participate in building a Global Vulnerability Management program. You will be controlling and maintaining the scanning infrastructure and related tools to provide accurate data to the vulnerability management processes. Consolidating data from various platforms and sources, you will assess and track potential cyber threats associated with security vulnerabilities, coordinate response and remediation efforts, as well as work on automating and simplifying the whole process. Working within a multinational team, you will create and implement operational processes, identify threats and security gaps, and collaborate with professionals from other Security areas to develop measures to protect the company’s information.

How you will get the job done

• facilitating and coordinating vulnerability assessment and scanning
• analyzing assessment results and threat feeds to properly react to security weaknesses or vulnerabilities
• collaborating, coordinating, monitoring, and supporting activities in the areas of the VM program
• maintaining control of scanning VM hardware, systems, and application software, performing upgrades and other maintenance activities for scanning infrastructure and related tools
• deploying new scanning infrastructure/tools and supporting solutions
• automating processes through scripting and providing API support/integration
• maintaining technical documentation of the VM program including requirements, architecture designs, network topology, applications, and application security designs
• collaborating on and providing VM results and metrics for consistent reporting for governance purposes – VM metrics, key risk indicators, trending, and compliance
• providing input, helping prepare and update VM roadmap, developing, maintaining, and publishing project plans and operational schedules
• helping to develop a long-term VM strategy that will address global information security needs (current state, gaps, and opportunities)

Skills and experience you will need

• fluency in English
• proven experience in the IT security field, e.g. vulnerability management, security operations, security engineering
• knowledge of scanning and vulnerability analysis tools (Tenable/Qualys) 
• knowledge and experience in administering IT components (systems, networks, servers)
• high analytical skills to identify and troubleshoot complex problems
• knowledge of IT service management processes (ITIL certification is a plus)
• ability to work in a multinational and complex environment
• desire to keep learning, extending your skills
• Unix/Windows/networking background (administration of scanning infrastructure)

Nice to have

• German language proficiency
• scripting language (Python, Perl, etc.) and automation skills

Perks & Benefits

Let's be healthy

Medical package, sports card, and numerous sports sections – these are some of the benefits that help our employees stay in good shape.

Let's be balanced

Work-life balance is a key aspect of a healthy workplace. We offer our employees flexible working hours, a confidential employee assistant program, as well as the possibility of remote working. However, staying at home with our in-office gaming room and dog-friendly office in Warsaw won’t be easy.

Let's be smart

We organize numerous workshops and training courses. Thanks to hackathons and meetups, our specialists share their expertise with others. Additionally, we have a wide range of digital learning platforms and language courses.

Let's be responsible

Each year, we participate in several CSR activities, during which, together with our colleagues, we do our best to create a better future.

Let's be fun

Company-wide bike races and soccer matches, film marathons in our cinema room or other engaging team-building activities – we got it covered!

Let's be diverse

Every team member is valued, regardless of gender, nationality, religious beliefs, disability, age, and sexual orientation or identity. Your qualifications, experience, and mindset are our greatest benefit!