Senior Vulnerability Management Engineer (Cybersecurity)

TL;DR

Senior Vulnerability Management Engineer (Cybersecurity): Managing external threats, vulnerability scanning, and penetration testing for a regulated financial environment with an accent on threat intelligence and risk oversight. Focus on validating the effectiveness of first-line controls, performing independent penetration tests, and ensuring regulatory compliance with frameworks like NIST and ISO 27001.

Location: Hybrid in Stockholm, Sweden

Company

hirify.global is a professional recruitment firm specializing in cybersecurity and technology placement.

What you will do

• Monitor and analyze threat intelligence activities, identifying systemic vulnerabilities and emerging risks.
• Oversee vulnerability management processes, reviewing scan results and challenging remediation timelines.
• Plan and execute independent 2nd line penetration tests on critical controls and technology assets.
• Assess the effectiveness of cyber risk controls and provide independent oversight of IT functions.
• Refine incident response plans and procedures based on current threat landscapes.
• Develop cyber risk policies and ensure alignment with GDPR and FCA regulations.

Requirements

• Advanced degree in Cybersecurity, Computer Science, or a related field.
• 10+ years of experience in cybersecurity, preferably within fintech or regulated financial services.
• Deep understanding of vulnerability/patch management and penetration testing methodologies.
• Proficiency with frameworks such as NIST, ISO 27001, MITRE ATT&CK, and CIS.
• Strong analytical and stakeholder management skills.
• Must be based in or able to work in Stockholm on a hybrid basis.

Nice to have

• Certifications such as CISSP, CISM, CEH, OSCP, or GIAC.