Jobs · justjoinit

E

Lead Risk & Vulnerability Management Engineer

Brightpath Technologies · Katowice · Posted 1d ago

hybridContractsenior170-180 pln🇵🇱 Poland
Apply on justjoinit

About the role

Lead Risk & Vulnerability Management Engineer
Location: Remote work model with occasional visits to the client’s office in Katowice (approximately 3–4 days per month)
Availability: ASAP / within 1 month
Contract Type: B2B via Experis
About the Role:
We are seeking a seasoned Tier 3/4 Risk & Vulnerability Management expert to lead the build, operationalization, and delivery readiness of a next-generation Risk & Vulnerability Management service. This role is critical to ensuring the service is implementable, scalable, customer-ready, and operationally effective within a managed services environment.
Acting as a Delivery SME, you will work closely with Product Management, SOC teams, and Delivery teams to translate service concepts into standardized, executable, and scalable operations while bridging strategic objectives with day-to-day execution.
Responsibilities:
Service Design & Delivery Readiness
– Translate product and service requirements into operational designs, including processes, tooling integrations, and delivery models
– Define delivery frameworks, SLAs, KPIs, and reporting models aligned with scalable managed services execution
– Partner with Product Management to operationalize defined service capabilities, ensuring feasibility, consistency, supportability, and delivery readiness
– Define ownership models (RACI) and support audit and compliance requirements
– Account for OT-specific constraints where patching is not feasible and define appropriate risk management approaches
– Translate vulnerability data into business risk insights and executive-level decision support
Service Launch & Operationalization
– Lead service implementation and rollout activities from a delivery perspective
– Define and implement operational processes aligned with ITIL best practices where applicable
– Drive integration of vulnerability scanners, ITOM platforms, SIEM solutions, and ticketing systems
– Develop and maintain runbooks, playbooks, and standard operating procedures (SOPs)
– Ensure operational readiness across SOC and Delivery teams through training, knowledge transfer, and structured handoffs
– Drive standardization and repeatability of service delivery across multiple customers and environments
Stakeholder Collaboration
– Work closely with Product Management, which owns the service definition and roadmap
– Collaborate with SOC teams to ensure execution alignment and effective escalation models
– Partner with Delivery teams responsible for day-to-day service execution
– Serve as a Tier 3/4 technical escalation point for complex risk and vulnerability management scenarios
– Engage effectively with customer stakeholders, internal leadership, and cross-functional teams
Automation & Continuous Improvement
– Drive automation initiatives to improve delivery efficiency, scalability, and operational effectiveness
– Develop and enhance workflow automation capabilities
– Implement and improve risk prioritization logic and decision-making processes
– Create and optimize reporting capabilities and operational dashboards
– Identify opportunities to reduce manual effort and improve consistency across service delivery
– Promote an automation-first approach to service operations and continuous improvement
Requirements:
Experience
– 8+ years of hands-on experience in cybersecurity, vulnerability management, or risk management
– Proven experience operating at Tier 3/4 level, handling complex escalations and advanced technical scenarios
– Demonstrated track record of building and operationalizing managed security services with a strong delivery focus
Technical Expertise
– Strong hands-on experience with vulnerability management platforms such as Tenable, Qualys, Rapid7, or similar solutions
– Deep understanding of risk-based vulnerability prioritization methodologies, including CVSS, EPSS, and threat intelligence integration
– Solid understanding of SOC workflows, SIEM environments, and ITSM/ITOM platforms
– Experience with ServiceNow, particularly ITOM, SecOps, or Vulnerability Response modules, is highly preferred
Service Delivery & Operations
– Experience translating service requirements into operational processes, delivery models, runbooks, and procedures
– Strong knowledge of ITIL and service management principles
– Proven ability to deliver standardized, scalable, and repeatable managed services
Automation & Tools
– Experience with SOAR platforms and workflow automation solutions
– Ability to design and drive automation-first approaches that increase efficiency and reduce manual effort
Soft Skills
– Strong stakeholder engagement skills across Product Management, SOC, and Delivery teams
– Ability to operate as a Delivery SME, effectively bridging strategy and execution
– Excellent communication and collaboration skills
– Experience engaging customer stakeholders and internal leadership teams
– Strong problem-solving skills and the ability to operate effectively within complex enterprise environments
Preferred Certifications
– CISSP, CISM, or CISA, particularly in the areas of security governance and risk management
– GIAC certifications such as GSEC, GPEN, or GCIA
– Vendor-specific certifications related to Tenable, Qualys, ServiceNow, or similar technologies
Our Offer:
– Multisport card
– Private healthcare (Medicover)
– Access to an e learning platform
– Group life insurance

Read the full posting on justjoinit

FAQ

Is the Lead Risk & Vulnerability Management Engineer role at Brightpath Technologies remote?+

This Lead Risk & Vulnerability Management Engineer position is listed as hybrid (Katowice).

What is the salary for the Lead Risk & Vulnerability Management Engineer role at Brightpath Technologies?+

The listing states 170-180 pln.

What seniority level is this Lead Risk & Vulnerability Management Engineer role?+

This is a senior level position.

How do I apply for the Lead Risk & Vulnerability Management Engineer role at Brightpath Technologies?+

Use the "Apply on justjoinit" button to open the original posting on justjoinit, where you can submit your application directly to Brightpath Technologies.