Job Summary: We are seeking a professional to manage the vulnerability lifecycle—identifying, assessing, and prioritizing threats across systems, networks, and applications—with a focus on offensive security. Key Highlights: 1. Vulnerability lifecycle management and offensive security 2. Dynamic and multidisciplinary work environment 3. Continuous training and certification opportunities **What is Telefónica Tech?** Telefónica Tech is the leading digital transformation company within the Telefónica Group. We offer a comprehensive portfolio of integrated technology services and solutions in Cybersecurity, Cloud, IoT, Big Data, Artificial Intelligence, and Blockchain, supporting our clients throughout their digital transformation journey. We are a team of over 6,200 bold professionals working daily from diverse locations worldwide to achieve excellence through transparent leadership and a strong team spirit. If you identify with our core values, we look forward to meeting you! www.telefonicatech.com **What Do We Do in the Team?** Within Telefónica Tech’s **Offensive Security Unit**, our objective is to provide organizations with an accurate and realistic security posture, enabling us to help our clients uncover critical vulnerabilities in their environments and assist in prioritizing and addressing risks based on exploitability and impact. In our team, we manage vulnerabilities across organizational systems, networks, and applications. Our work involves identifying, evaluating, and prioritizing potential security threats and weaknesses to ensure all digital assets remain protected against possible risks. We employ specialized tools and testing methodologies to detect vulnerabilities, analyze their severity levels, and implement mitigation measures—including patches, security configurations, and other preventive actions. **What Will Your Day-to-Day Look Like?** Your mission will be vulnerability lifecycle management. Your day-to-day responsibilities will include: + Onboarding and provisioning of assets into vulnerability management tools. + Ongoing analysis of reported vulnerabilities to assess actual probability and impact, thereby adjusting criticality/severity ratings, as well as reviewing and eliminating false positives. + Strong expertise in Qualys as a vulnerability management tool. + Support in defining prioritized remediation plans. + Generation of monthly reports and KPIs. + Installation of vulnerability scanning probes. + Review and enhancement of scanning profiles. + Opening and managing customer requests via the ticketing platform. + Service follow-up meetings. + Technical support for team management. + Script-based automation. + Ability to design and integrate solutions across the vulnerability lifecycle. + Identification of automation opportunities within the vulnerability management lifecycle using scripts or orchestration platforms. **And For This, We Believe It Would Be Ideal If You Had…** **Experience** + Minimum 1 year of experience in vulnerability lifecycle management projects. + Experience in automation (Python, PowerShell, APIs). + Experience with ticketing platforms such as Jira or ServiceNow. **Education** + University degree, medium/senior-level vocational training (FP), or equivalent professional experience. + Desirable: - Qualys vendor-specific certifications. **Technical Knowledge** + Solid technical knowledge of Qualys as a vulnerability scanning tool. + Programming and scripting languages including Python, Bash, PowerShell, etc. + Ability to interpret vulnerability scan results, risk levels, and recommend remediation actions. **Skills that would align well with the team and project include:** + Passion for technology and offensive security. + Creativity and a hacker mindset. + Proactivity and ability to embrace challenges. + Ability to convey technically complex ideas to non-technical audiences. + Teamwork capability. + Leadership. **Languages** + Required: - Native Spanish. - English B2 **What Do We Offer?** * Work-life balance measures and flexible working hours. * Continuous training and certification opportunities. * Hybrid remote work model. * Attractive social benefits package. * Excellent dynamic and multidisciplinary work environment. * Volunteering programs. **\#WeAreDiverse \#WePromoteEquality** We firmly believe that diverse and inclusive teams are more innovative, transformative, and achieve better results. Therefore, we promote and guarantee inclusion for all individuals regardless of gender, age, sexual orientation or identity, culture, disability, or any other condition. We want to meet you!