Cybersecurity Engineer

Job Description JOB DESCRIPTION VOC - VI (Vulnerability Intelligence), ASM (Attack Surface Management) & VM (Vulnerability Management) Expert Mission We are seeking a highly experienced cybersecurity professional to serve as an VOC Expert supporting the Vulnerability Intelligence (VI), Attack Surface Management (ASM), and Vulnerability Management (VM) teams. This role is pivotal in shaping the strategy, defining technical approaches, and supporting day-to-day operationsparticularly complex escalations and automation efforts. The ideal candidate will combine technical mastery in offensive security with practical experience in vulnerability lifecycle management and external attack surface discovery. The expert will act as a senior advisor and technical authority for the analyst teams, while also contributing to the design, scripting, and documentation of scalable security processes. The VOC Expert is responsible for: Vulnerability Intelligence (VI): Drive the qualification and risk analysis of newly disclosed vulnerabilitie Perform exploit PoC validation when needed to assess practical risk Maintain and enhance the central VI database, enriched with (EPSS, CVSS, QVS, SG-specific scoring models, and EUVD) Define and automate workflows for: Vulnerability qualification, exposure analysis, and prioritization Ingestion of qualified vulnerability data into the enterprise Data Lake Collaborate on documentation of VI methodology and threat intelligence integration Support proactive communication of high/critical vulnerabilities to asset and application owners Attack Surface Management (ASM): Operate and enhance external asset discovery and continuous monitoring using ASM tools Integrate asset coverage data from CMDB, and other internal datasets Design and implement scripts for: WHOIS/ASN/banner correlation Data enrichment and alert filtering Deploy and maintain custom scanning capabilities (e.g., Nuclei integrations) Provide expert input on threat modeling based on exposed assets and external footprint BlackBox Pentesting: Maintain the service delivery of the BlackBox Pentesting platform Automate the export of pentest data and integrate into Data Lake and Power BI dashboards Define and document onboarding workflows for new applications Actively guide analysts in prioritizing pentest requests and validating results. Vulnerability Management: Vulnerability review, recategorization, and false positive identification Proactive vulnerability testing and replay Pre-analyze and consolidate vulnerability data from various scanning tools Prepare concise syntheses of available vulnerabilities Offer guidance to the SO and CISO on vulnerabilities Collaborate with key stakeholders to develop strategies for vulnerability management Assist in defining vulnerability management KPIs and strategic goals Prepare concise, actionable summaries for high-risk vulnerabilities and trends Automate testing actions: Develop scripts and tooling to automate repetitive and complex tasks across VI, ASM, and VM Implement data pipelines to sync outputs from ASM/VI tools to dashboards and reporting engines Design streamlined workflows for vulnerability life cycle from detection to closure Collaborate with both offensive and defensive teams to support App managers and Asset managers in remediating vulnerabilities and issues Skills Bachelor's degree in Computer Science, Information Security, EXTC or related field; relevant certifications (e.g., CISSP, CCSP, CompTIA Security+) are a plus Proven experience (10+ years) working within the Cybersecurity field, with a focus on offensive security, vulnerability intelligence and attack surface analysis. Proven experience on Penetration testing actions (web application, infrastructure, ) Proven expertise in: CVE analysis, exploit development/validation External asset discovery & mapping Threat modeling and prioritization Advanced knowledge of tooling such as: ASM platforms Nuclei, Shodan, Open Source CTI, vulnerability scanners (Qualys, Tenable, ) Pentester tools (Burp, SQLmap, Responder, IDA and Kali environment) Experience in investigating newly published vulnerabilities and assessing their risks and severity Strong scripting languages (e.g., Python, Bash, Powershell, C#, ) for automation and customization Experience with Pentester tools (Burp, SQLmap and Kali environment) Strong technical skills with an interest in open-source intelligence investigations Experience building dashboards in Power BI or similar tools. Familiarity with data lakes, API integrations, and ETL processes. Knowledge of NIST CVE database, OWASP Top 10, Microsoft security bulletins Excellent writing skills in English and ability to communicate complicate technical challenges in a business language to a range of stakeholders. Personal Skills Has a systematic, disciplined, and analytical approach to problem solving with Thorough leadership skills & experience Excellent ability to think critically under pressure Strong communication skills t