Vulnerability & Configuration Management Engineer
Tallinn, Estonia
1 day average response time from company
Recruiter
Vera Bekker
Roles:
Security
Must-have skills:
DockerKubernetes
One of skills:
AWSAzureGCP
Nice-to-have skills:
Python
Considering candidates from:
Estonia, Finland, Malta and Sweden
Estonia, Finland, Malta and Sweden
Work arrangement: Onsite or hybrid
Industry: Information Technology & Services
Language: English
Level: Middle or senior
Required experience: 4+ years
Relocation: Not paid
Visa support: Provided
Size: 201 - 500 employees
Vulnerability & Configuration Management Engineer
Tallinn, Estonia
1 day average response time from company
Company
The company was founded in 2010 with the goal of simplifying B2B content delivery for the modern iGaming landscape. Via a quick one-time integration, they provide access to a roster of 1000+ casino games and a diverse range of proprietary products, including Poker, Bingo and its own rapidly expanding slot portfolio. The high-quality aggregated content is provided through its selected partners.
Description
Now the company is looking for a skilled and pragmatic Vulnerability & Configuration Management Engineer to take ownership of their vulnerability management programme across the entire IT landscape. You will play a key role in identifying, prioritising and driving remediation of security risks at scale, while continuously improving processes, automation and reporting:
Task:
- Own and continuously improve the Vulnerability Management programme across applications, infrastructure and end-user devices
- Operate vulnerability management across the full IT estate including code, containers, servers, Kubernetes and endpoints
- Investigate vulnerabilities, drive remediation, and escalate complex issues when required
- Define and maintain processes for technical risk assessment, reporting, escalation and exception handling of vulnerability and configuration items
- Document vulnerability and configuration exceptions in a structured and auditable way
- Provide regular reporting to stakeholders including management, regulators and external partners
- Own and manage recurring reviews of secure configurations (endpoints, baselines, environments, Microsoft recommendations, etc.)
- Manage the full risk lifecycle for vulnerabilities and configuration-related risks
- Contribute to broader security initiatives and tasks as required
- Drive automation of vulnerability analysis, risk scoring and reporting
- Collaborate with engineering and IT teams to prioritise remediation aligned with risk appetite
- Propose and implement pragmatic, secure configuration improvements
Must-have:
- Strong experience in Vulnerability Management
- Solid reporting and risk communication skills
- Automation experience is beneficial
- Hands-on experience with tools such as Tenable, Microsoft Vulnerability Management, and Snyk
- Understanding of risk management principles
Nice-to-have:
- Certifications (SC-200 – Microsoft Security Operations Analyst, MD-102 – Microsoft 365 Endpoint Administrator Associate, SC-300 – Microsoft Identity and Access Administrator, Tenable certifications)
- Automation experience is beneficial
- Experience in a scaling or maturing startup environment
- Experience within iGaming or other regulated industries
- Bachelor’s degree in Computer Science or similar
- CISSP / CISM
Benefits and conditions:
- Trial period: 4 months
- Hybrid work (3 days a week in the office)
- Sport and health benefits
- Team events
- Budget for self-education
Interview process:
- Intro call with Toughbyte
- Screening call with CIO & Hiring Manager
- Technical assignment
- Technical interview
- HR call and reference check
Questions
Have questions about this position? Try the company page or sign up to ask one.