Devoteam Cyber Trust |Junior Vulnerability Manager | Fintech Sector
Devoteam | Cyber TrustPortugal1 day ago
Full-timeInformation Technology
Track This Job
Add this job to your tracking list to:
- Monitor application status and updates
- Change status (Applied, Interview, Offer, etc.)
- Add personal notes and comments
- Set reminders for follow-ups
- Track your entire application journey
Save This Job
Add this job to your saved collection to:
- Access easily from your saved jobs dashboard
- Review job details later without searching again
- Compare with other saved opportunities
- Keep a collection of interesting positions
- Receive notifications about saved jobs before they expire
AI-Powered Job Summary
Get a concise overview of key job requirements, responsibilities, and qualifications in seconds.
Pro Tip: Use this feature to quickly decide if a job matches your skills before reading the full description.
Devoteam Cyber Trust is the specialized cybersecurity unit of the Devoteam Group. With over 800 experts across the EMEA region, our mission is to position cybersecurity as a business enabler, not a barrier. We take a comprehensive approach to Cyber Resilience, Applied Security, and Security Service Management to safeguard the digital journey of large and mid-sized enterprises across all sectors and industries.
Since 2009, previously known as INTEGRITY, our Portugal-based team has specialized in delivering cutting-edge Managed Security Services. By combining expertise with proprietary technology, we consistently and effectively reduce our clients' cyber risk. Our wide range of services includes Persistent Penetration Testing, ISO 27001, PCI-DSS, GRC Consulting and Solutions, and Third-Party Risk Management. Certified in ISO 27001 (Information Security) and ISO 9001 (Quality), PCI-QSA, and members of CREST and CIS (Center for Internet Security), we serve a significant number of clients in over 20 countries.
Job Description
The Junior Vulnerability Manager will join the Security team and will be responsible for supporting the management of the vulnerability lifecycle, with a particular focus on the operation and improvement of the scanning process.
Key Responsibilities:
What we offer:
Since 2009, previously known as INTEGRITY, our Portugal-based team has specialized in delivering cutting-edge Managed Security Services. By combining expertise with proprietary technology, we consistently and effectively reduce our clients' cyber risk. Our wide range of services includes Persistent Penetration Testing, ISO 27001, PCI-DSS, GRC Consulting and Solutions, and Third-Party Risk Management. Certified in ISO 27001 (Information Security) and ISO 9001 (Quality), PCI-QSA, and members of CREST and CIS (Center for Internet Security), we serve a significant number of clients in over 20 countries.
Job Description
The Junior Vulnerability Manager will join the Security team and will be responsible for supporting the management of the vulnerability lifecycle, with a particular focus on the operation and improvement of the scanning process.
Key Responsibilities:
- Operation and Maintenance of Vulnerability Scans:
- Scan Execution: Perform vulnerability scans using Nessus, including preparing network files to be scanned and validating scan status (often automated; occasional weekend work may be required).
- Troubleshooting: Diagnose and resolve issues when scans fail, including:
- Network diagnostics (connectivity, port issues, Layer 2/3, next-hop configuration, routing, VLANs/Trunks).
- Diagnosing issues in Nessus and the Operating System.
- Analyzing and improving Python scripts responsible for scanning processes.
- Automation and Data Handling:
- Script Development (Python/Bash/SQL): Develop, modify, and maintain scripts to automate vulnerability management tasks.
- Code Migration: Participate in converting Python 2 scripts to Python 3.
- Database Management (SQL): Retrieve and correlate asset lists with scan database information, create data insertion queries, and process results.
- Data Processing: Use tools such as Regex, Excel (Pivot Tables), and Bash to process, correlate, and prepare scan results for various purposes.
- Quarterly Preparation: Support automation for folder creation in Nessus and asset list processing.
- Post-Scan and Vulnerability Management:
- Result Handling: Analyze scan results, improving scripts to prevent known false positives.
- Vulnerability Closure: Use Burp (or develop alternative Python scripts) to automate batch closure of resolved vulnerabilities.
- Security Analysis: Assess vulnerabilities to determine if they are false positives (requires basic security knowledge).
- Validation: Perform basic security validations (entry-level pentesting skills) to confirm vulnerability resolution.
- Risk Management: Apply basic risk management knowledge to evaluate and propose vulnerability parking timeframes.
- Infrastructure and Planning:
- Planning: Map networks and schedule scans, considering average execution times and restrictions.
- System Configuration: Reinstall the operating system and configure Nessus on dedicated laptops (requires Unix knowledge).
- Asset Validation: Correlate new CMDB assets with the networks configured in planned scans (SQL, Bash, Python).
- Security Knowledge (for example knowledge of pentesting)
- Programming skills (Python)
- Network Knowledge
- Unix (important to know network commands, bash commands)
- SQL knowledge
- Brief knowledge of risk management
- Fluency in English and Portuguese.
What we offer:
- Professional development and monitoring talent;
- Commitment to our employees' development;
- Collaboration in a company that is constantly growing and evolving;
- Strong organizational culture: collaboration, sharing, flexibility, integrity and low ego.
Key Skills
Ranked by relevanceReady to apply?
Join Devoteam | Cyber Trust and take your career to the next level!
Application takes less than 5 minutes