Senior Cyber Security Engineer - TestNG - Híbrido en Dematic

Senior Cyber Security Engineer will be part of IT Security Global Team responsible for the global vulnerability management in KION Group. The person will take the responsibility for managing the entire vulnerability lifecycle, having a significant contribution to the IT Services delivered by KION Group IT

The Role

Senior Cyber Security Engineer will be part of IT Security Global Team responsible for the global vulnerability management in KION Group. The person will take the responsibility for managing the entire vulnerability lifecycle, having a significant contribution to the IT Services delivered by KION Group IT

Responsibilities

To be successful in this role, your proven track record will enable you to deliver against the following key performance areas:

• Take the lead on enterprise vulnerability assessments, ensuring broad and continuous coverage across systems, applications, and cloud environments.
• Identify and analyze security vulnerabilities in both infrastructure and web applications, providing clear risk context to help prioritize remediation.
• Architect, operate, and enhance the enterprise vulnerability management platform and scanning infrastructure to ensure scalability, performance, and integration with other security tools and workflows.
• Coordinate and manage third-party penetration testing engagements, ensuring alignment with compliance requirements and providing strategic guidance on risk mitigation priorities.
• Own the end-to-end vulnerability management lifecycle—from identification and risk analysis to remediation tracking, validation, and reporting—ensuring timely resolution and adherence to SLA requirements.
• Collaborate cross-functionally with application development, DevOps, and infrastructure teams to advise on secure design patterns and drive remediation efforts through automation and process improvement.
• Develop and implement automation strategies to optimize vulnerability detection and remediation workflows, reducing manual effort and improving overall security posture.
• Act as a subject matter expert in vulnerability management, contributing to policy development and mentoring junior team members when needed.
• Deliver executive-level reporting and metrics that provide visibility into vulnerability trends, risk exposure, and remediation progress for leadership and audit stakeholders.

Qualifications:

• Bachelor's degree in IT or related
• Strong understanding of application security principles, including deep familiarity with the OWASP Top 10 and the ability to clearly explain real-world risks and remediation strategies.
• Broad technical knowledge across enterprise IT and cloud ecosystems — including networking, operating systems (Windows/Linux), web technologies, APIs, databases, containerization (e.g., Docker, Kubernetes), and infrastructure-as-code.
• Proficient in scripting or automation using languages like Python, JavaScript, or Ruby to streamline security processes and improve detection/remediation workflows.
• Hands-on experience with vulnerability scanning and penetration testing tools (e.g., Nessus, Burp Suite, Nmap, Metasploit), with a solid grasp of how to translate findings into actionable improvements.
• Industry certifications such as OSCP, CISSP, CEH, or GIAC (e.g., GPEN, GSEC, or GWAPT) are highly valued.
• Strong analytical thinking, communication, and cross-functional collaboration skills — comfortable working with both technical and non-technical stakeholders.
• Self-driven, adaptable, and comfortable managing multiple priorities in a fast-paced environment.
• Fluency in English (spoken and written)