Senior Vulnerability Engineer - Barcelona - Hybrid work model

Reporting to the Manager of this division, your main responsibilities will be:

Operate the vulnerability management platform and associated processes, including maintaining asset inventories, coordinating validations and retests, supporting detection tuning, delivering metrics and runbooks that empower engineering teams to remediate efficiently, and engaging with product and platform stakeholders to facilitate triage, clarify ownership and coordinate remediation activities;Design and engineer scalable, secure integration patterns and automation for the vulnerability management ecosystem, including APIs, service-account patterns, CI/CD pipelines, data schemas, observability and SLAs; you will build reusable integration components, document interfaces and hand off stable integration artifacts for others to consume;Operate offensive and assessment capabilities, perform vulnerability scanning and testing workflows, and run the bug-bounty / vulnerability disclosure life-cycle (triage, closure and retests);Conduct and evaluate internal penetration tests and red team exercises to validate controls, test detection and response, and produce actionable remediation guidance;Conduct deep technical vulnerability investigations, run threat-modelling sessions, coordinate countermeasure testing to validate mitigation's, and triage and prioritise findings with product and infrastructure teams;Ensure assets forward appropriate telemetry to central detection systems, help define detection rules, and convert intelligence and scan output into meaningful alerts and triage workflows;Act as a cross-team subject matter expert supporting other Security and engineering/product teams with remediation guidance, run-books and best practices.