Division: Group Technology Services (GTS)
Short description:
As a global critical financial infrastructure, protecting Euroclear’s information and assets is essential to our business. Security is at the heart of our services and is deeply embedded in our management systems and processes.
You will join our Group Technology Services (GTS) division as a member of the Patch Orchestration Team (Vulture Team). In this role, you will play a key part in safeguarding our digital assets by coordinating remediation activities for identified vulnerabilities and weaknesses across a wide range of IT technologies. This proactive approach helps us stay ahead of potential cyber threats and continuously strengthen our defenses.
We are seeking a motivated Vulnerability Management Specialist to support vulnerability remediation efforts across a diverse group of IT stakeholders. You will act as a liaison between the CISO offensive security teams -responsible for vulnerability scanning—and the IT platform owners responsible for remediation.
Responsibilities:
Vulnerability Scanning & Data Collection
1. Support stakeholders in using tools such as Rapid7 InsightVM.
2. Monitor weekly reports to ensure successful execution and data accuracy.
3. Validate and verify scan findings to reduce exceptions and redundant results, improving data quality.
Reporting & Dashboard Updates
4. Generate and maintain vulnerability reports for various teams.
5. Update and enhance dashboards in Excel and/or Power BI to reflect current security exposure.
6. Maintain remediation KPIs, trends, and compliance metrics.
Remediation Coordination
7. Review open vulnerabilities and track remediation progress with asset or application owners.
8. Send regular follow-up communications to responsible parties.
9. Help stakeholders understand vulnerability severity, impact, and recommended remediation actions.
Advisory & Support
10. Respond to queries from IT teams and business units regarding vulnerabilities and mitigation strategies.
11. Support teams with vulnerability trend analysis and related insights.
12. Assist with patching cycles by correlating vulnerabilities with available patches or configuration changes.
Documentation & Process Management
13. Document remediation processes and orchestration activities.
14. Maintain accurate records of scanning schedules, reports, and remediation status.
15. Track changes or anomalies in vulnerability trends.
16. Create dashboards at the team or tribe level for tailored reporting and security posture tracking.
Stakeholder Engagement
17. Participate in regular security orchestration and governance meetings with business units and senior stakeholders.
18. Collaborate with infrastructure, development, and risk teams to align on remediation priorities.
19. Escalate unresolved or critical issues to senior management (CISO & GTS) as needed.
Executive Reporting & Communication
20. Draft content for management reports and board-level updates.
21. Provide quarterly metrics and summaries on the organization’s security posture.
22. Share executive dashboards to highlight progress in risk reduction and key achievements.
Requirements:
Technical Skills:
23. Familiarity with vulnerability scanning tools such as Rapid7, Tenable, Qualys, or similar.
24. Strong skills in Excel (pivot tables, formulas, macros) and/or Power BI for data analysis and reporting.
25. Solid understanding of vulnerability types, CVSS scoring, threat exposure, and patch management.
Process & Communication Skills:
26. Proven ability to track, escalate, and follow up on remediation tasks across multiple teams.
27. Skilled at explaining technical security topics to non-technical audiences.
28. Understanding of risk-based prioritization and remediation strategies.
Stakeholder management:
29. Strong interpersonal skills to build and maintain effective relationships with cross-functional teams.
30. Ability to coordinate and drive outcomes independently.
31. Experience with ITSM tools (., ServiceNow, Jira, Azure DevOps) for managing remediation workflows.
Nice to Have:
32. Experience with automated orchestration platforms (., SOAR).
33. Familiarity with governance and compliance frameworks (., ISO 27001, NIST, PCI-DSS).
34. Experience preparing and presenting reports for senior leadership.
Soft Skills:
35. Excellent verbal and written communication skills.
36. Strong collaboration skills with both technical and non-technical stakeholders.
37. Ability to manage multiple priorities in a fast-paced environment.
#LI-AK2