Job offer
Exposure Management Technical Expert 100% (f/m/d)
The position of Exposure Management Technical Expert at Julius Baer in Madrid involves analyzing and validating security requirements, implementing compliance measures, and conducting penetration tests. The ideal candidate has experience in application security, penetration testing, and vulnerability assessment, as well as a solid understanding of web application security and related tools.
Tasks
- Record, analyze, validate, and document all safety requirements.
- Configure, manage, operate, develop, and engineer various types of security devices and appliances (forensic solutions, data protection, access management, zoning, Internet security, firewalls, etc.).
- Implementing compliance measures and training other employees.
- Scoping Support: Collaborating with exposure managers, application owners, and technology teams to define appropriate, risk-based scopes for external penetration tests.
- Hardening Baseline: Discuss hardening options with technology teams and architects to collaboratively define secure and resilient baseline options.
- Technical Consulting: Serve as the technical point of contact for questions related to technology security testing methods, interpretation of findings, and remediation approaches.
- Tooling & Techniques: Using industry-standard tools (e.g., Burp Suite, Nmap) and manual techniques to validate vulnerabilities in web applications, APIs, and supporting infrastructure.
- Standards Alignment: Ensures that testing approaches and findings align with industry best practices (e.g., OWASP Testing Guide, OWASP Top 10) and internal security standards.
- False Positive Management: Analysis and review of reported vulnerabilities, where necessary, to identify false positives and ensure proper classification.
- Remediation Support: Technical guidance for development and infrastructure teams on how to effectively and sustainably address identified vulnerabilities.
- Knowledge Sharing: Contributing to the continuous improvement of internal practices by sharing insights, best practices, and experiences across teams.
- Collaboration: Work closely with exposure managers and global technical experts to ensure consistent quality and execution of all penetration testing activities.
Requirements
- Bachelor's degree in computer science, information security, or equivalent practical experience.
- 3–5 years of practical experience in penetration testing, application security, or vulnerability assessment.
- Extensive hands-on experience with web application security testing and tools (e.g., Burp Suite).
- A solid understanding of common vulnerabilities (e.g., OWASP Top 10) and exploitation techniques.
- Ability to read, understand, and reproduce technical findings from penetration test reports.
- Experience with HTTP/S protocols, authentication mechanisms, and modern web architectures (APIs, microservices).
- Strong analytical and problem-solving skills with an eye for detail.
- Effective communication skills, particularly when explaining technical issues to non-technical stakeholders.
- Professional proficiency in English and Spanish.
- Willingness to work in Spain.
We offer
No information available.Job details