Cyber Security Vulnerability Management Analyst (m/f/d)

Contract type:full-time, unlimited
Location: Munich, Düsseldorf, Berlin (Teltow), Nuremberg, Hamburg
Entry: At the earliest possible date

Working anywhere. We work where it is most productive. After a successful application process, we offer you the opportunity to work anywhere in Germany. At Telefónica, we rely on a flexible hybrid model that includes the benefits of both remote work and on-site work. You will be assigned to the nearest Telefónica location based on where you live. We will discuss further details with you during the application process.

Who we are

We are O2 Telefónica - with our mobile brands we connect millions of people and offer our customers mobile freedom in the digital world. As a leading telecommunications provider, we are playing a key role in shaping digitisation in Germany. Our approximately 7,400 employees in Germany drive the transformation forward every day - in our own company as well.

Telefónica is one of the top employers in Germany and is part of the global telecommunications group Telefónica S.A. with 110,000 committed employees worldwide.

Become part of our unique team and let’s make a difference together!

Job Description

As a Cyber Security Vulnerability Analyst you will be responsible to detect weaknesses in our infrastructure and applications, manage the vulnerabilities lifecycle, advise all stakeholders to take the right measures to correct and strengthen security within the systems.

What to expect

• Performing vulnerability and security configuration scans (applications, network, server and mobile network)
• Prioritisation and steering of remediation tasks and alignment with system or application owner
• Performing advanced investigations and proposing proactive measures of protection
• Managing of vulnerability lifecycles
• Working with other internal teams for vulnerabilities gathering and helping with ad-hoc requests
• Provide guidance and direction to other business units
• Steer penetration tests
• Reporting regular metrics, trending to established goals
• Present status and trends to leadership

What you bring

• Bachelor’s degree in Computer Science / Information Technology or equivalent experience
• Relevant industry-recognized security certifications from ISC2, ISACA, SANS, etc.
• 5+ years of experience in information security fields
• 3+ years of experience in managing vulnerabilities and security configurations in large corporate environments
• Strong knowledge of application and API security vulnerabilities (including and beyond OWASP Top-10)
• Strong understanding of enterprise-level information systems and technology architectures, expertise in network security, cryptography, virtualization and cloud security
• Hands-on experiences of working with technologies such as firewalls, WAF, IPS/IDS, VPN gateways, Radius
• Hands-on experiences in common operating system like Windows Server, Linux (Red Hat dominant)
• Experience and technical knowledge of cloud environments in AWS, Azure and GCP
• Strong understanding of the CIS benchmarks
• Understanding of GPRS, UMTS, LTE, 5G technology is a plus
• Familiarity with security impact vs likelihood framework to best judge the severity of vulnerabilities
• Knowledge of information security standards such as ISMS, ISO 27001, DSGVO or BSI Grundschutz
• Excellent organization and reporting skills
• Being able to work with a diverse set of stakeholders in the organization from technical through board level
• Strong written and verbal communication in English and/or in German

What we offer

Modern, flexible working environment:Work wherever you want within Germany. Whether in home office or one of our well-equipped offices. We offer you maximum flexibility to organize your working day.

Training & Development:Everthing you need for your individual growth. With a personal development plan, learning journeys and the possibility of job rotations, you will reach your goals with us – according to our guiding principle „connect, learn and move2grow".

Financial benefits:A smartphone for business and private use, as well as the possibility to provide for partners, friends and family via a credit balance, is a given. In addition, you benefit from a variety of corporate benefits.

Health: Our "Feel Good" program keeps your body and mind in balance. Among other things, we offer fitness classes, nutritional counseling, and programs to improve workplace ergonomics and work-life balance.

Social engagement: We are also involved in social projects outside of our day-to-day work. You can support social projects through volunteering days / holidays or charity runs.

How to apply and what else you should know

Convince us with your meaningful curriculum vitae as well as corresponding certificates. You do not need a letter of motivation with us. Please note that applications are only possible via our applicant portal and applications by e-mail cannot be considered.

Do you have questions about our application process and are you interested in further information about the position? Please reach out to our Talent Operations Team (de-recruiting@telefonica.com).

In case of same qualification, applicants (m/f/d) with severe disability will be preferred. All gender are equally welcome