#1 Job Board for tech industry in Europe

Vulnerability Remediation Engineer
Security

Vulnerability Remediation Engineer

Kraków
Type of work
Undetermined
Experience
Mid
Employment Type
Permanent
Operating mode
Office

Tech stack

    Qualys

    regular

    Splunk

    regular

    Chef Inspec

    regular

    Remedy

    regular

    ServiceNow

    regular

Job description

Online interview
Job Description
As a Vulnerability Remediation Engineer within the Platform Security, Compliance & Observability group you will be responsible for delivery of Vulnerability Remediation Service, protecting State Street's servers, virtualization hypervisors, network devices, 3rd party applications, cloud and middleware from cyber threats through coordination of the remediation activities between Global Cybersecurity, IT and Service Providers using some of the newest cutting edge cyber tools available on the market. This role will provide you with the opportunity to help us change our culture and drive change across the organization. Together we will try and work on improving the technology stack both internally and in the cloud for an enhanced user experience, one we can be proud of.
 
We offer flexible working and remote working options and don’t expect you to be in the office 5 days a week but can if that is what you prefer. Upon submission and acceptance of your CV we will look to communicate with you quickly and recruit via a panel, which if you’re right, the job offer will come quickly. We realise that waiting or never getting a response is not a wanted part of applying for a new job.
 
The below is what we are looking for but you may not have it all, we will expect you to learn and bridge the gaps of which we have a great learning platform called Degreed, with a wide range of learning materials and sources for you. We are creating an “above the line” culture and we need people to think like this.

 What you’ll do:
  • Protect State Street's infrastructure and applications through delivery of Vulnerability Remediation Service, according to the SLAs set by Global Cybersecurity and Regulators
  • Interact with Global Cybersecurity, IT Managers, Application Support, Technical Risk Management and external Service Providers to drive and coordinate remediation efforts, help understand the exposure to cyber risks and support with the remediation-related queries
  • Perform vulnerability and remediation scans, vulnerability impact assessments, false positive investigations, risk acceptance and risk exception handling
  • Create and manage Vulnerability Management dashboards and reports using in-house and external tools
  • Analyze external and internal CTI (Cyber Threat Intelligence) and VI (Vulnerability Intelligence) advisories, KB articles and vendor security bulletins
  • Create and maintain relevant service delivery and process documentation
  • Contribute to the Continuous Service Improvement initiative through suggesting new ideas to the Product Owner and driving automation
  • Participate in Scrum meetings
 
Who you are:
  • You have at least 5 years of experience in IT Support, IT Operations or Cybersecurity
  • You understand fundamental Cybersecurity concepts with the focus on Vulnerability Management (having professional certifications would be an asset)
  • You have basic sysadmin and troubleshooting skills in Operating Systems, Databases, Networks, Middleware, Desktop Applications, Virtualization and Cloud
  • You know how to use Qualys VMDR, Tanium Patch, Splunk, RSA Archer
  • You are a good communicator, able to manage multiple stakeholders from different regions and assignments simultaneously and liaise with both technical and non-technical audiences
  • You are familiar with ITIL and Agile methodologies 
  • You know how to use Atlassian tools like JIRA and Confluence and ticketing systems like ServiceNow or Remedy
  • You have passion for automation, improvements and continuous learning

What We Offer:
  • Employee savings plan;
  • Premium life insurance package;
  • VIP medical package;
  • Multisport card/cinema tickets / money transfer
  • International operating environment;
  • Language classes;
  • Soft skills trainings;
  • Technical workshops