Location: Bizkaia, BI, ES Professional Profile: Cybersecurity Required Experience: More than 2 years of experience Position Modality: Hybrid ### **This is the challenge** *At Minsait Cyber, we know that talent is the key to driving change and building a safer digital future. If you're ready to take on new challenges, grow professionally, and contribute your expertise to projects that truly make a difference, this is the place for you.* *Join our team as a* ***Vulnerability Management Technician*** *and become part of a constant transformation, where your impact will be essential in an innovative and evolving environment.* ### ### **About the team** Being part of our Prevent team means being on the front line of organizational security defense. From early detection to remediation and validation of vulnerabilities, we work on strategic projects that strengthen the security posture of companies in on\-premise, cloud, and hybrid environments. We anticipate threats and turn risks into opportunities for improvement, ensuring compliance and resilience. ### ### **Reasons to join Minsait Cyber** **Supportive and challenging environment** * You'll collaborate with recognized cybersecurity experts. * You'll participate in strategic projects using leading technologies. **Work-life balance and flexibility** * Adaptable work models: 100% remote or hybrid. * Flexible working hours. * 32 working days of annual leave. * Reduced working hours during summer and on Fridays. **Professional development** * Personalized career plans. * Continuous training with free access to **Udemy**. **Competitive conditions** * Permanent contract and compensation aligned with your experience and profile. * Life insurance. * Flexible compensation plans (meal card, childcare, transportation, private medical insurance). **Holistic wellbeing** * Wellbeing program: gym network, medical check-ups, physiotherapy at the office, health workshops, and telemedicine. ### **What you will do with us** * Operate and manage vulnerability scanning tools (**Tenable, Qualys, Rapid7, OpenVAS, Burp**). * Execute scheduled and on-demand scanning campaigns. * Analyze results, validating false positives and determining actual risks. * Perform expert vulnerability analysis, proof-of-concept tests, and manual validations. * Prioritize vulnerabilities using **CVSS** and business impact criteria. * Coordinate remediation actions with IT, cloud, development, and infrastructure teams. * Document, automate, and continuously improve service procedures. * Prepare technical and executive security reports. * Provide technical support and advice on emerging vulnerabilities. * Participate in security committees, audits, and compliance reviews. ### **What we are looking for to be part of this transformation** * **Experience (4\-5 years) in vulnerability management and ethical hacking/pentesting.** * Solid knowledge in: + Tools: **Tenable/Nessus, Qualys VMDR, Rapid7 InsightVM, OpenVAS, Burp Suite**. + Infrastructure: Linux, Windows Server, Active Directory, virtualization, networking. + Cloud: **AWS, Azure, GCP** (secure configuration, resource scanning). + Applications: **OWASP Top 10, REST APIs, web applications**. + Automation: scripting with **Python, Bash, PowerShell**, API integrations. + Exploitation: **Metasploit**, vulnerability PoCs. * Familiarity with frameworks such as **OWASP, MITRE ATT\&CK**. * **Certifications (required): OSCP, CEH, eJPT or GPEN.** ### **Minsait Cyber, Beyond diversity** *Our commitment is to promote work environments where people are treated with respect and dignity, fostering professional development and guaranteeing equal opportunities in hiring, training, and promotion. We offer an environment free from any discrimination based on gender, age, disability, sexual orientation, gender identity or expression, religion, ethnicity, marital status, or any other personal or social circumstance.*