Senior Vulnerability Assessment and Mitigation Consultant

🔐 Senior Vulnerability Assessment and Mitigation Consultant - Onsite (Lisbon, Portugal)

About Devoteam Cyber Trust:

Devoteam Cyber Trust is the Cybersecurity specialist arm of the Devoteam Group. We're a team of 800+ experts across EMEA dedicated to making cybersecurity an enabler of business success, not just a gatekeeper.

Our Portugal team, established in 2009, specializes in providing cutting-edge Managed Security Services that combine expertise and proprietary technology to reduce cyber risk for our clients. We offer a comprehensive service range, including Persistent Intrusion Testing, ISO 27001, PCI-DSS, GRC Consulting and Solutions, and Third-Party Risk Management. We are ISO 27001 (Information Security) and ISO 9001 (Quality) certified, PCI-QSA, and members of CREST and CIS - Centre for Internet Security.

What you'll do:

• Manage vulnerability assessments across multiple client IT infrastructures.
• Coordinate vulnerability assessment processes to identify cybersecurity weaknesses in client organizations.
• Analyze vulnerability assessment results to determine severity, potential impacts, and prioritize vulnerabilities for mitigation.
• Collaborate with client internal teams to develop and implement mitigation strategies.
• Maintain clear communication and provide continuous updates on vulnerability status and mitigation efforts.
• Provide critical insights to inform decision-making and enhance client cybersecurity posture.
• Stay up-to-date with the latest cybersecurity trends and technologies.

What we're looking for:

• Bachelor’s degree in Computer Science, Information Technology, or a related field.
• Proven experience as a Vulnerability Management Consultant or similar role.
• Experience with industry compliance, regulations, standards, and frameworks related to cybersecurity (e.g., ISO 27001, NIST, COBIT).
• Experience in risk management, from identification and evaluation of risks to developing and implementing mitigation strategies.
• In-depth knowledge and experience with OWASP Top Ten vulnerabilities and their remediation techniques.
• Proficiency in IT infrastructures, including on-premises systems, major cloud platforms (AWS, Azure, GCP), and virtualization platforms (VMware ESXi, Hyper-V, KVM, Docker, Kubernetes).
• Experience with networking technologies (Cisco, Juniper, F5), server environments (Windows, Linux, Unix), and desktop systems (Windows, Linux, macOS).
• Experience with vulnerability assessment frameworks and tools (OpenVAS, Nessus, Qualys).
• Proficiency in coding languages (Java, .NET, or Python) for IAM automation and integration tasks.
• Strong organizational, analytical, and problem-solving skills.
• Strong sense of ethics, integrity, and responsibility.
• Excellent communication and teamwork skills.
• Fluency in Portuguese and high proficiency in English.

Nice to have:

• Relevant certifications (CISSP, CISM, CEH, OSCP).
• Experience with specific vulnerability analysis frameworks and tools (Burp Suite, Metasploit).
• Participation in cybersecurity and vulnerability-related communities, forums, or professional networks.

What we offer:

• Professional development and talent monitoring.
• Commitment to employee development.
• Opportunity to work in a growing and evolving company.
• Strong organizational culture: collaboration, sharing, flexibility, integrity, and low ego.

Ready to join our team? Send your CV!

Job Category: Healthcare