Security Engineer/Vulnerability & Automation, Hybrid

Description

Job Summary: We are seeking a Security Engineer with experience in complex corporate environments, specializing in vulnerability management, hardening, and automation to strengthen the Cybersecurity area. Key Highlights: 1. Design and automation of Vulnerability Management processes 2. Technical analysis of vulnerabilities in cloud, on-premise, and hybrid environments 3. Implementation and enhancement of technical security controls Security Engineer/Vulnerability & Automation We are looking for a Security Engineer with experience in complex corporate environments, specializing in vulnerability management, hardening, and automation of security controls, to strengthen the Cybersecurity area. **Work Model:** Madrid (Hybrid) Advanced English (mandatory; official language of the project) Main Responsibilities Design and automation of processes across the full Vulnerability Management lifecycle (identification, prioritization, remediation, and reporting). Technical analysis of vulnerabilities in cloud, on-premise, and hybrid environments, assessing criticality and real-world exploitability risk. Technical review and validation of penetration testing reports, security scans, and audits. Security impact assessment for new projects and architectural changes (infrastructure, networks, applications, and APIs). **Implementation and enhancement of technical controls in:** Network Security Application Security (OWASP, secure configurations) Cloud Security Endpoint Protection Monitoring of key security metrics (SLA, MTTR, risk exposure, vulnerability backlog). Technical coordination with development, architecture, infrastructure teams, and external vendors (SOC/MSSP). Mandatory Requirements **Solid experience in:** Network Security Application Security Cloud Security Endpoint Security Vulnerability Management Platforms **Practical knowledge of tools:** VM, WAF, SIEM, AV, DLP, EDR, Web Content Filtering. Ability to technically prioritize vulnerabilities based on risk and business context. Experience automating security tasks to reduce operational overhead. Experience working with outsourced security services. Desirable Requirements **Certifications:** CISSP, GIAC, CEH, ITIL. Experience in continuous improvement of security processes. **We Offer:** Permanent contract with CAS Training Join a high-level European technical team in an innovative environment Attractive and flexible compensation package, negotiated according to your experience Free access to our Annual Training Catalog featuring top vendors: Microsoft, Linux, Oracle, ITIL, and many more! VM, WAF, SIEM, AV, DLP, EDR, OWASP, Cloud, SOC/MSSP