Senior Cyber Security Engineer - Vulnerability Management

Senior Cyber Security Engineer will be part of IT Security Global Team responsible for the global vulnerability management in KION Group. The person will take the responsibility for managing the entire vulnerability lifecycle, having a significant contribution to the IT Services delivered by KION Group IT

Dematic Corporation is a leading supplier of integrated automated technology, software, and services to optimize the supply chain. Dematic belongs to the KION Group. The KION Group is among the world's leading suppliers of industrial trucks and supply chain solutions. We currently have more than 41,000 employees and approximately €11,100 million in revenue. Our portfolio encompasses industrial trucks, such as forklift trucks and warehouse trucks, as well as integrated automation technology and software solutions for the optimization of supply chains, including all related services. Across more than 100 countries worldwide, the KION Group's solutions improve the flow of material and information within factories, warehouses, and distribution centers.

Senior Cyber Security Engineer will be part of IT Security Global Team responsible for the global vulnerability management in KION Group. The person will take the responsibility for managing the entire vulnerability lifecycle, having a significant contribution to the IT Services delivered by KION Group IT

• Take the lead on enterprise vulnerability assessments, ensuring broad and continuous coverage across systems, applications, and cloud environments.


• Identify and analyze security vulnerabilities in both infrastructure and web applications, providing clear risk context to help prioritize remediation.


• Architect, operate, and enhance the enterprise vulnerability management platform and scanning infrastructure to ensure scalability, performance, and integration with other security tools and workflows.


• Coordinate and manage third-party penetration testing engagements, ensuring alignment with compliance requirements and providing strategic guidance on risk mitigation priorities.


• Own the end-to-end vulnerability management lifecycle—from identification and risk analysis to remediation tracking, validation, and reporting—ensuring timely resolution and adherence to SLA requirements.


• Collaborate cross-functionally with application development, DevOps, and infrastructure teams to advise on secure design patterns and drive remediation efforts through automation and process improvement.


• Develop and implement automation strategies to optimize vulnerability detection and remediation workflows, reducing manual effort and improving overall security posture.


• Act as a subject matter expert in vulnerability management, contributing to policy development and mentoring junior team members when needed.


• Deliver executive-level reporting and metrics that provide visibility into vulnerability trends, risk exposure, and remediation progress for leadership and audit stakeholders.

• Strong understanding of application security principles, including deep familiarity with the OWASP Top 10 and the ability to clearly explain real-world risks and remediation strategies.


• Broad technical knowledge across enterprise IT and cloud ecosystems — including networking, operating systems (Windows/Linux), web technologies, APIs, databases, containerization (e.g., Docker, Kubernetes), and infrastructure-as-code.


• Proficient in scripting or automation using languages like Python, JavaScript, or Ruby to streamline security processes and improve detection/remediation workflows.


• Hands-on experience with vulnerability scanning and penetration testing tools (e.g., Nessus, Burp Suite, Nmap, Metasploit), with a solid grasp of how to translate findings into actionable improvements.


• Industry certifications such as OSCP, CISSP, CEH, or GIAC (e.g., GPEN, GSEC, or GWAPT) are highly valued.


• Strong analytical thinking, communication, and cross-functional collaboration skills — comfortable working with both technical and non-technical stakeholders.


• Self-driven, adaptable, and comfortable managing multiple priorities in a fast-paced environment.


• Fluency in English (spoken and written)