Job offer

Exposure Management Technical Expert 100% (f/m/d)

The position of Exposure Management Technical Expert at Julius Baer in Madrid involves analyzing and validating security requirements, configuring and managing security devices, conducting penetration tests, and developing security measures. The ideal candidate has 3–5 years of experience in penetration testing, application security, or vulnerability assessment, and has a solid understanding of web application security and techniques.

Tasks

The main tasks include:
  • Scoping Support: Collaborating with exposure managers, application owners, and technology teams to define appropriate, risk-based areas for external penetration tests.
  • Hardening Baseline: Discuss hardening options with technology teams and architects to collaboratively define secure and resilient baseline options.
  • Technical Consulting: Serves as the technical point of contact for questions related to technology.
  • Testing & Techniques: Use of industry-standard tools (e.g., Burp Suite, Nmap) and manual techniques to validate vulnerabilities in web applications, APIs, and supporting infrastructure.
  • Standards Alignment: Ensuring that testing approaches and results align with industry best practices (e.g., the OWASP Testing Guide, OWASP Top 10) and internal security standards.
  • False Positive Management: Analysis and assessment of reported vulnerabilities, where necessary, to identify false positives and ensure proper classification.
  • Remediation Support: Providing technical support to development and infrastructure teams to effectively and sustainably address identified vulnerabilities.
  • Knowledge Sharing: Contributing to the continuous improvement of internal practices by sharing insights, best practices, and experiences among teams.
  • Collaboration: Close collaboration with exposure managers and global technical experts to ensure consistent quality and execution of all penetration tests.

Requirements

The requirements include:
  • Bachelor's degree in computer science, information security, or equivalent practical experience.
  • 3–5 years of practical experience in penetration testing, application security, or vulnerability assessment.
  • Extensive hands-on experience with web application security testing and tools (e.g., Burp Suite).
  • A solid understanding of common vulnerabilities (e.g., OWASP Top 10) and exploitation techniques.
  • Ability to read, understand, and reproduce technical findings from penetration test reports.
  • Experience with HTTP/S protocols, authentication mechanisms, and modern web architectures (APIs, microservices).
  • Strong analytical and problem-solving skills with attention to detail.
  • Effective communication skills, particularly when explaining technical issues to non-technical stakeholders.
  • Professional proficiency in English and Spanish.
  • Flexibility to work in Spain.

Optional

Optional:
  • Experience with Exposure or programming languages (e.g., Python, JavaScript) for automation or advanced testing.
  • Experience in financial services or regulated environments.
  • Experience with CI/CD security integration or DevSecOps practices.
  • German language skills.

Job details

© 2025 House of Skills by skillaware. All rights reserved.
Our website uses cookies to make navigation easier for you and to analyze the use of the site. You can find more information in our privacy policy.