[MC768] | VULNERABILITY AND THREAT INTELLIGENCE ENGINEER

Michael Page


About our client

Multinational Company

Description

We are looking for a bilingual and experienced Vulnerability Management Engineer to join our cybersecurity team. This remote role (based in Colombia) requires a strong background in security operations and vulnerability management. The selected candidate will lead the design, quality assurance, automation, and continuous improvement of the vulnerability management lifecycle. This leadership position plays a key role in strengthening the organization's defenses against evolving cyber threats.

Vulnerability Management

- Define and maintain the vulnerability management process, including integration with ITSM tools and policy development.
- Oversee the design, QA, automation, and continuous improvement of vulnerability workflows.
- Establish prioritization criteria and risk matrices that align technical and business impact.
- Manage vulnerability findings across cloud environments and applications.
- Approve exceptions for specific vulnerabilities when justified.
- Lead DevSecOps integration and coordinate regular security testing, including:
  - SAST, DAST, IAST, SCA
  - Infrastructure and container vulnerability scanning
- Assess and prioritize vulnerabilities, coordinating remediation with relevant teams.
- Track mitigation progress and ensure compliance with internal and external standards.
- Collaborate with IT and development teams to embed security into the SSDLC.
- Plan security integration into projects following industry best practices.

Threat Intelligence & Threat Hunting

- Support the development of threat intelligence and threat hunting processes.
- Manage the threat intelligence lifecycle: collection, analysis, and dissemination.
- Lead proactive threat hunting to detect IOCs, IOAs, APTs, and other malicious activity.
- Enhance threat intelligence feeds and integrate them into detection systems.
- Use threat insights to update incident response playbooks and inform leadership.

Threat Intelligence Integration

- Establish brand monitoring processes.
- Integrate IOCs and threat feeds into monitoring tools and align with MITRE ATT&CK.
- Use threat intelligence to enrich incident response and improve detection.
- Collaborate with incident response teams and support root cause analysis.

Profile sought (m/f)

- 5+ years of experience in cybersecurity, with at least 3 years in vulnerability management.
- Proven experience in security infrastructure management and security technologies (e.g., CSPM, firewalls, FWaaS, IPS, EDR/NDR/XDR, SWG, ZTNA, CASB, WAF/WAAP, SIEM systems, Microsoft Entra Privileged Identity Management and encryption solutions, among others).
- Proven experience in vulnerability management, threat intelligence and threat hunting.
- Hands-on experience in threat hunting, leveraging tools such as ELK stack, Splunk, and similar platforms.
- Experience in threat hunting, malware analysis and forensics.
- Experience in cloud security is a plus (Azure, AWS, Google Cloud, etc.).

What we offer

- Opportunity to join a multinational company and work with international teams
