3 Ofertas de Product Surveillance Supervisor Emea en Barcelona

As a Vulnerability Management Engineer, you will be a vital part of Adevinta's Information Security team. You'll manage proactive security programs, conduct in-depth technical assessments, and lead strategic security planning sessions. Your responsibilities will include driving automation initiatives for security processes, integrating advanced security tools, and leveraging threat intelligence to enhance our defensive capabilities.

You will be key in ensuring that Adevinta's security strategy covers industry-relevant security standards, leaving no gaps open to be exploited. The Vulnerability Management team is part of the Information Security department, where you'll collaborate closely with other services such as Secure Product Lifecycle, Incident Response and Governance. You may also be called on to interact with product development teams to help them secure their products.

What you will do:

• You will own the vulnerability management lifecycle, including identifying vulnerabilities (via scanning, penetration testing, bug bounties, configuration reviews, etc.), analyzing risks, prioritizing remediation, and coordinating fixes.

• You will drive DevSecOps practices by integrating and managing automated security tools (SAST, DAST, SCA, etc.) within CI/CD pipelines, interpreting results, and collaborating with Development and Operations teams to embed security throughout the development lifecycle.

• You will define and automate security controls and best practices for containerized environments (Docker, Kubernetes) and cloud infrastructure (IaC security scanning, configuration management).

• You will ensure our assets are properly reporting events to the SIEM, and support the definition of rules for generating alerts.

• You will support the other Infosec teams as a subject-matter expert.

• You will work in a hybrid environment (remote/on-site at Adevinta hubs in Barcelona or Amsterdam), with occasional EU travel required and will have the possibility of being on-call.

Who you are:

• You combine a passionate, open, and hacker mindset with strong analytical, technical, and problem-solving with the ability to synthesise complex data into actionable insights.

• You recognize the need for automation to handle problems at scale, and you have proven experience implementing security automation. (e.g., Python, Go, etc.)

• You are proficient in securing cloud environments (preferably AWS) and containerized workloads (Docker, Kubernetes); experienced in integrating security into CI/CD pipelines (e.g., GitHub Actions, Jenkins) and Infrastructure as Code (e.g., Terraform).

• You possess a deep and broad understanding of core cybersecurity principles, common attack vectors (e.g., OWASP Top 10), mitigation techniques, cryptography, standard frameworks, and security across network, protocol, system, and application layers.

• You have in implementing DevSecOps practices, including integrating security tools (SAST, DAST, SCA) into pipelines and guiding development teams on secure coding and vulnerability remediation.

• You are an effective communicator and collaborator who takes ownership of problems, builds relationships, influences others, and thrives in a multicultural environment.

• You are fluent in English (spoken and written).

Nice to have:

• Proficiency in threat modelling.

• Notions of incident response.

• Public or private presentations.

• Open source contributor.

• Participation in conferences and training.

• Certifications.

• Membership in bug bounty programs, CTF player or member of ethical hacking communities, recognition in the Hall of Fame, CVE mentions or vulnerability reporter.

d364c79397a5a57

4e31636d6c c59584e30

5a a57646e4c6e4d7a4c57

56314c58646c d

d

39744c a c636c39

6c5a c6d64360a

As a Cyber Resilience Risk Specialist, you will play a vital role in ensuring the security and stability of our organization's cyber systems. You will be responsible for coordinating and executing the top cyber threat assessment for all entities.

This is an exciting opportunity to engage with a service that is responsible for the coordination and execution of the top cyber threat assessment. Your key responsibilities will include:

• Managing and maintaining the cyber risk quantification model in collaboration with the vendor
• Regularly analyzing and validating input data and model results
• Supporting the delivery of cyber risk quantification services provided to clients globally
• Evaluating and presenting model results
• Coordinating model changes in collaboration with the vendor
• Providing functional support for an internal platform, as well as conception and testing of functional requirements
• Conducting training sessions and providing functional support for tool users
• Preparing, revising, and maintaining relevant documentation

To succeed in this role, you will need to possess the following skills and qualifications:

• Experience with risk quantification model tools is a plus
• Good knowledge of risk management principles and practices
• Excellent analytical and problem-solving skills
• Strong communication and interpersonal skills
• Ability to work collaboratively with internal and external stakeholders
• Ability to analyze data and extrapolate relevant information, identify problem root causes, and think creatively for solutions
• Experience in cyber risk and knowledge of information security standards is a plus
• Bachelor's or master's degree in mathematics, statistics, economics with a quantitative focus, or a related field is recommended

We offer a competitive compensation package, including a company bonus scheme, pension, employee shares program, and multiple employee discounts (details vary by location). We also provide flexible working options, health and wellbeing offers, and support for career development and digital learning programs.

From career development and digital learning programs to international career mobility, we offer lifelong learning for our employees worldwide and an environment where innovation, delivery, and empowerment are fostered.