PstrongAbout Technip Energies /strong /ppTechnip Energies is a leading Engineering Technology company for the energy transition, with leadership positions in Liquefied Natural Gas (LNG), hydrogen and ethylene as well as growing market positions in blue and green hydrogen, sustainable chemistry and CO2 management. The company benefits from its robust project delivery model supported by extensive technology, products and services offering. /ppOperating in 34 countries, our 15,000 people are fully committed to bringing our clients’ innovative projects to life, breaking boundaries to accelerate the energy transition for a better tomorrow. /ppAt Technip Energies, we aim to offer inspiring working experience: tackling some of the most complex technical and engineering challenges in the world in collaboration with a truly integral team. We are convinced that the ingredients for success are engaged humans, a strong positive culture, an authentic drive to transform, committed leadership, and inspired talent. The successful implementation of innovations is the sum of creativity, teamwork and the quality of the execution. /ppTechnip Energies has a strong commitment to Cyber Security to protect its business, customers and partners. Cyber Security department reports to the Global CISO and is responsible for managing cyber security across the entire organization and subsidiaries. /ppbr/ppstrongAbout the Role /strong /ppWe are expanding the scope of our Vulnerability Management team and are looking for a highly skilled and experienced strongVulnerability Management Senior Specialist /strong to join our strongProactive Security Team /strong, focused on reducing cyber risk across the organization. /ppIn this role, you will play a key part in protecting the company by identifying, assessing, analyzing, and supporting the remediation of security vulnerabilities. You will work closely with technical stakeholders to strengthen our security posture and drive continuous improvement in vulnerability management practices. /ppThis position will be based in our strongBarcelona or Madrid office /strong and follows a stronghybrid working model /strong. /ppstrongResponsibilities /strong /ppbr/pulliOversee daily vulnerability management operations and automation activities, including scanning, analysis, reporting, and remediation tracking. /liliConduct in-depth analysis of vulnerability scan results from various tools (e.g., Microsoft Defender Vulnerability Management, Rapid7 InsightVM, Qualys), prioritize findings, and determine appropriate remediation strategies. /liliPrioritize vulnerabilities based on CVSS, EPSS, CISA KEV, exploitability, asset criticality, business context, exposure, compensating controls, and operational or safety impact. /liliAssess common application and web security risks, including OWASP Top 10 vulnerabilities, dependency vulnerabilities, SAST/DAST findings, and remediation recommendations. /liliContribute to the delivery and continuous improvement of the vulnerability management program and broader cybersecurity strategy. /liliAutomate vulnerability management workflows using APIs, PowerShell, Python, or Bash, integrating with ITSM, SIEM/SOAR, CMDB, EDR, and reporting platforms (e.g., Power BI, Looker). /liliSupport asset and vulnerability discovery initiatives, particularly through External Attack Surface Management (EASM) tools. Identify, triage, and validate internet-facing exposure findings, assess evidence quality, investigate potential false positives, and determine actual business risk. /liliCollaborate closely with IT, development, infrastructure, and other relevant teams to drive remediation efforts. /liliProvide expert guidance, mentorship, and technical support to vulnerability analysts, fostering their professional growth and skill development. /liliSupport and coordinate remediation activities with system owners and technical teams. /liliProduce comprehensive reports on vulnerability status, trends, risks, and remediation progress for a variety of stakeholders, including senior leadership. /liliStay up to date with emerging cybersecurity threats, vulnerabilities, attack techniques, and industry best practices. /liliParticipate in incident response activities when required, providing expertise on vulnerability-related matters. /liliEvaluate and recommend vulnerability management tools, technologies, and processes to enhance the organization’s security posture. /liliContribute to the continuous improvement of the overall security program. /li /ulpbr/ppstrongQualifications /strong /pulli5+ years of experience in cybersecurity, with a strong focus on vulnerability management. /liliHands-on experience with Microsoft Defender Exposure Management and vulnerability scanning solutions such as Rapid7, Qualys, or Tenable. /liliProven experience providing technical leadership, mentorship, and guidance on vulnerability management practices. /liliStrong networking fundamentals and solid understanding of network protocols (TCP/IP, HTTP/S, DNS, DHCP, etc.), operating systems (Windows and Linux), and common application architectures. /liliExperience with Windows environments, including Active Directory, Group Policy, and PowerShell scripting. /liliExperience with Linux administration, Bash scripting, and system hardening. /liliStrong knowledge of vulnerability assessment methodologies, penetration testing concepts, and security frameworks such as NIST, ISO 27001, and CIS Controls. /liliAbility to interpret penetration testing reports and translate findings into actionable remediation plans. /liliExcellent analytical and problem-solving skills, with strong attention to detail. /liliExceptional written and verbal communication skills, with the ability to communicate complex technical concepts to both technical and non-technical audiences. /liliProfessional proficiency in English. /liliRelevant industry certifications such as CompTIA Security+, CEH, OSCP, or similar are considered a plus. /liliBachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field, or equivalent practical experience. /li /ulpbr/ppstrongPreferred Experience /strong /pulliExperience working in large enterprise environments with complex infrastructure. /liliFamiliarity with risk-based vulnerability management methodologies. /liliExperience integrating vulnerability management processes with broader security operations and governance programs. /li /ulpbr/ppbr/ppAs an equal opportunity employer, Technip Energies only considers qualified applicants without regard to race, age, ethnicity, sexual orientation, gender expression, disability, national origin, veteran status, or marital status. /p