Vulnerability Management Analyst

Solvay is all about chemistry. We’re not just referring to chemical reactions here, but also to the magic that occurs when the brightest minds get to work together. This is where our true strength lies. In you. In your future colleagues and in all your differences. And of course, in your ideas to improve lives while preserving our planet’s beauty for the generations to come.

About the role

• Our Security & Risk Management team is integrated in the Digital Technology (DT) department.

• As a Vulnerability Analyst, your main goal will be to find and help fix security weaknesses in our systems. This includes everything from software and operating system flaws to mistakes in how our platforms are set up, even in the cloud.

• You will be accountable for:

  • Vulnerability Detection & Assessment: Proactively identify and evaluate security weaknesses. This involves:

    • Leveraging industry-leading vulnerability management platforms (e.g., Qualys, Microsoft Defender) for scanning and analysis.

    • Staying abreast of the threat landscape through subscriptions to security bulletins from authoritative sources (e.g., CISA) and vendor advisories.

  • Risk Prioritization: Accurately prioritize identified vulnerabilities based on their potential impact and exploitability. This requires a strong understanding of CVSS (Common Vulnerability Scoring System) scores and exploit intelligence.

  • Remediation Support & Coordination: Facilitate the efficient mitigation of vulnerabilities:

    • Escalate as necessary for emergency mitigation scenarios.

    • Evaluate the effectiveness of implemented remediation controls and adjust prioritization accordingly.

    • Provide timely and clear information to relevant teams (e.g., system owners, IT operations) about identified vulnerabilities, their severity, and potential impact.

    • Offer guidance and support to system owners on effective remediation strategies, pointing them to resources and best practices. You'll also assist in assessing the effectiveness of mitigation measures and adjusting prioritization as needed.

  • Continuous Monitoring & Reporting: Ensure end-to-end oversight and clear communication of vulnerability management efficacy:

    • Monitor the execution of the vulnerability management lifecycle, tracking progress and compliance.

    • Measure the compliance ratio of systems against the established prioritization matrix.

    • Generate weekly operational reports, providing clear insights into monitored aspects, visibility gaps, and leveraging automation where feasible.

  • Stakeholder Guidance: Provide actionable guidance to system owners on effective remediation strategies.

• We offer a permanent contract based on hybrid working mode.

About you:

• Relevant education degree or equivalent in Cybersecurity, Computer Science, Information Technology, or a comparable field.

• Relevant work experience in Vulnerability Management or Cybersecurity Analysis.

• Competencies:

  • Deep understanding of vulnerability classes: Proficient in identifying and analyzing software bugs, OS flaws, and critical misconfigurations across diverse environments, including on-premises infrastructure and hyperscale cloud platforms (AWS, Azure, GCP).

  • Proficiency with VM tooling: Hands-on experience with enterprise-grade vulnerability scanners and security posture management platforms (e.g., Qualys, Tanium, Crowdstrike, Windows Defender).

  • Threat & Risk Assessment: Demonstrated ability to assess technical risk, interpret CVSS scores, leverage threat intelligence, and understand exploit methodologies to prioritize vulnerabilities effectively.

  • Operating Systems & Network Protocols: Strong grasp of Windows and Linux, as well as TCP/IP, common network services, and security controls (e.g., firewalls, IDS/IPS).

  • Security Frameworks: Familiarity with common cybersecurity frameworks (e.g., NIST, ISO 27001) is a plus.

  • Scripting/Automation: Practical scripting skills (e.g., Python, PowerShell) for automation, data analysis, and reporting are highly advantageous.

  • Reporting & Analytics: Experience in developing clear, concise, and actionable reports for technical and executive audiences, potentially leveraging SIEM or dedicated reporting tools.

• Behaviors:

  • Strong attention to detail to ensure thorough identification and analysis of vulnerabilities.

  • Ownership and pride in maintaining the organization’s security integrity.

  • Ability to articulate complex technical issues and risks clearly and concisely, both verbally and in written form, to diverse stakeholders, from technical teams to senior leadership.

  • Proactive in identifying and addressing security weaknesses to prevent potential breaches.

  • Collaborative mindset to work effectively with IT, security, and application teams.

About the pay and benefits

• Attractive and equitable pay for all: compensation is determined within a range to foster your development in the role. While the primary country (Portugal) base pay reasonably expected for this role is 35 600 euros to 53 400 euros, your salary may ultimately be higher or lower based on your skills and experience. Additionally, we provide a competitive total rewards package that includes a bonus and/or other incentives.
• Solvay Cares program: minimum of 16 weeks of parenting leave for all employees and package with healthcare, disability and life insurance coverage.
• Prioritization of well-being: work-life balance promotion, flexible approach to work part-time or hybrid work arrangements (depending on the type of job), employee assistance program with access to physical and psychological support.
• Professional development: prioritization of internal talents for career progression, access to a training platform, opportunities to join Employee Resource Groups (ERG) for experience sharing and mentorship and free language courses.

#LI-Hybrid #middle

About us

• Solvay, a pioneering chemical company with a legacy rooted in founder Ernest Solvay's pivotal innovations in the soda ash process, is dedicated to delivering essential solutions globally through its workforce of over 9,000 employees. Since 1863, Solvay harnesses the power of chemistry to create innovative, sustainable solutions that answer the world’s most essential needs such as purifying the air we breathe and the water we drink, preserving our food supplies, protecting our health and well-being, creating eco-friendly clothing, making the tires of our cars more sustainable and cleaning and protecting our homes. As a world-leading company with €4.7 billion in net sales in 2024 and listings on Euronext Brussels and Paris (SOLB), its unwavering commitment drives the transition to a carbon-neutral future by 2050, underscoring its dedication to sustainability and a fair and just transition.
• At Solvay, we seek to promote unity and not uniformity. We value the diversity that individuals bring and we invite you to consider a future with us, regardless of background, age, gender, national origin, ethnicity, religion, sexual orientation, ability or identity. We encourage individuals who may require any assistance or accommodations to let us know to ensure a seamless application experience. We are here to support you throughout the application journey and want to ensure all candidates are treated equally. If you are unsure whether you meet all the criteria or qualifications listed in the job description, we still encourage you to apply.

#