Your daily tasks:

Performing regular vulnerability scans across infrastructure, endpoints and applications using tools such as Qualys, Nessus or OpenVAS.
Validating and analyzing scan results to identify exploitable or high-risk issues.
Prioritizing vulnerabilities based on risk, exposure, and business impact.
Working closely with IT, infrastructure and DevOps teams to ensure timely remediation or mitigation of findings.
Maintaining and optimizing scanning configurations, asset groups and exception handling workflows.
Supporting patch management monitoring and remediation tracking.
Creating reports, dashboards and metrics for internal stakeholders and compliance use.
Participating in security assessments, audits and hardening projects.

Strong understanding of vulnerability types (CVE, CVSS, CWE) and risk assessment methodologies.
Hands-on experience with at least one vulnerability management platform (e.g. Qualys, Tenable, Rapid7).
Familiarity with patching processes and system configuration management in enterprise environments.
Ability to analyze scan results and effectively communicate findings to both technical and non-technical stakeholders.
Working knowledge of operating systems (Windows, GNU/Linux, macOS) and network protocols.
Solid documentation skills and attention to detail.
Very good command of English.

Nice to have:

Experience with CI/CD security and integration of scanners into pipelines.
Familiarity with compliance frameworks (e.g. ISO 27001, NIST, SOC 2) and audit support.
Understanding of configuration compliance (e.g. CIS Benchmarks, SCAP).
Exposure to container scanning tools (e.g. Trivy, Anchore, Aqua).
Experience working with ticketing/integration platforms (e.g. Jira, ServiceNow) and knowledge databases (Confluence).
Security certifications such as CompTIA Security+, GSEC, or vulnerability-related training (e.g. Tenable, Qualys certified).

What we can offer:

A wide array of benefits: private medical care, life insurance, pro-health campaigns, gifts for different occasions.
An outstanding work atmosphere in a highly-skilled team of professionals, with flexible working hours, no dress code, and full support of the dedicated HR Business Partner.
Many opportunities for personal development: a dedicated development budget for each employee, extra two paid days for training and CSR, stable career paths, extensive internal and external training, and financing of English and Polish language classes.
State-of-the-art offices filled with chillout zones, a fully equipped kitchen, a gym (Wrocław office), and a free car park (Warsaw limited amount of space).

VulnOps Specialist

Explore more