VULNERABILITY AND THREAT INTELLIGENCE ENGINEER

120.000.000 - 200.000.000


About our client

Multinational Company

Job Description

We are seeking a bilingual and experienced Vulnerability Management Engineer to join our cybersecurity team. This remote role (based in Colombia) requires a strong background in security operations and vulnerability management. The selected candidate will lead the design, quality assurance, automation, and continuous improvement of the vulnerability management lifecycle. This leadership position is crucial in strengthening the organization's defenses against evolving cyber threats.

Responsibilities

- Define and maintain the vulnerability management process, including integration with ITSM tools and policy development.
- Oversee the design, QA, automation, and continuous improvement of vulnerability workflows.
- Establish prioritization criteria and risk matrices that align technical and business impact.
- Manage vulnerability findings across cloud environments and applications.
- Approve exceptions for specific vulnerabilities when justified.
- Lead DevSecOps integration and coordinate regular security testing, including SAST, DAST, IAST, SCA, infrastructure, and container vulnerability scanning.
- Assess and prioritize vulnerabilities, coordinating remediation with relevant teams.
- Track mitigation progress and ensure compliance with standards.
- Collaborate with IT and development teams to embed security into the SSDLC.
- Plan security integration into projects following industry best practices.

Threat Intelligence & Threat Hunting

- Support the development of threat intelligence and threat hunting processes.
- Manage the threat intelligence lifecycle: collection, analysis, and dissemination.
- Lead proactive threat hunting to detect IOCs, IOAs, APTs, and other malicious activities.
- Enhance threat intelligence feeds and integrate them into detection systems.
- Use threat insights to update incident response playbooks and inform leadership.

Threat Intelligence Integration

- Establish brand monitoring processes.
- Integrate IOCs and threat feeds into monitoring tools and align with MITRE ATT&CK.
- Use threat intelligence to enrich incident response and improve detection.
- Collaborate with incident response teams and support root cause analysis.

Candidate Profile (m/f)

- 5+ years of experience in cybersecurity, with at least 3 years in vulnerability management.
- Proven experience in security infrastructure management and technologies such as CSPM, firewalls, FWaaS, IPS, EDR/NDR/XDR, SWG, ZTNA, CASB, WAF/WAAP, SIEM systems, Microsoft Entra Privileged Identity Management, and encryption solutions.
- Proven experience in vulnerability management, threat intelligence, and threat hunting.
- Hands-on experience with threat hunting tools like ELK stack, Splunk, and similar platforms.
- Experience in malware analysis and forensics.
- Cloud security experience (Azure, AWS, Google Cloud) is a plus.

What We Offer

- Opportunity to join a multinational company and work with international teams.
