Senior Vulnerability Management Engineer

Senior Vulnerability Management Engineer – Leading SaaS Organisation – Remote (Madrid or Prague)

Our client is a fast-growing SaaS organisation with ambitious plans to deliver innovative products and services to global customers. To achieve their goals, they are expanding their Security Engineering team and seek exceptional individuals who want to help shape the future of enterprise security.

The Senior Vulnerability Management Engineer role is pivotal to their success.

We are looking for a highly skilled security professional with deep expertise in vulnerability management, cloud security, and proactive risk mitigation. You will play a critical role in safeguarding cloud-native and on-prem infrastructure by identifying, assessing, and prioritising vulnerabilities across diverse technology domains.

You will work closely with cross-functional teams, leveraging advanced scanning tools and methodologies to deliver actionable intelligence and ensure a robust security posture. This is a hands‑on role requiring strong technical capability, analytical thinking, and the ability to communicate effectively with both technical and executive stakeholders.

This position is remote, based in either Madrid or Prague, with travel to the office once per quarter.

• Execute comprehensive vulnerability scans across network, cloud, and application environments.
• Interpret and triage findings from scanners, CSPM, SCA, and SAST tools.
• Provide prioritisation metrics and actionable insights to remediation teams.
• Develop and maintain an asset inventory for dynamic scanning requirements.
• Create executive‑level vulnerability metrics and dashboards.
• Participate in Red Team exercises to proactively identify potential weaknesses.

• Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or related field.
• Minimum 5 years in a dedicated vulnerability management role.
• Strong understanding of networking protocols and cloud architectures.
• Hands‑on experience with tools such as Qualys, Nessus, Prisma, Dome9, Checkmarx, or Veracode.
• Excellent scripting skills in Python or Bash.
• CISSP or CEH certification is a plus.

• Opportunity to work with cutting‑edge SaaS technology.
• Clear career paths, internal mobility, and mentorship programmes.
• Competitive compensation and benefits, including equity and generous leave.
• Physical and mental well‑being support.
• A global, diverse team and an open‑minded, innovative culture.

Unfortunately, we may struggle to respond to every applicant. Boost often receives a very high response rate on their advertisements and will be in touch if they feel your candidature is suitable for the opportunity.

We will process your CV and personal information to assess your suitability for the role. If we wish to consider you further, we will register your personal information in our database and contact you directly. We may contact you from time to time about other relevant roles. Your personal information will be securely held on our CRM system.