[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-it-security-specialist-mwd-vulnerability-exposure-management-expert":3,"similar-it-security-specialist-mwd-vulnerability-exposure-management-expert":34},{"id":4,"slug":5,"title":6,"skills":7,"budget":18,"duration":18,"location":19,"onsitePercent":20,"contractType":21,"foundAt":22,"category":23,"description":27,"rawText":28,"webTitle":29,"webText":30,"language":31,"projectId":32,"sourceUrl":33},12066,"it-security-specialist-mwd-vulnerability-exposure-management-expert","IT-Security Specialist (m\u002Fw\u002Fd) Vulnerability & Exposure Management Expert",[8,9,10,11,12,13,14,15,16,17],"Vulnerability Management","Attack Surface Management","Schwachstellenscans","Linux & Windows","Exposure Management","Regulatorische Anforderungen","IT-Security","Risikobewertung","Deutsch","Englisch",null,"Bayreuth, Bayern",50,"permanent","2026-06-10T10:31:32+00:00",{"id":24,"slug":25,"label":26},5,"it_infra_security","IT-Infrastruktur & Security","Gesucht wird eine erfahrene Persönlichkeit für den Ausbau und die Weiterentwicklung des unternehmensweiten Vulnerability- und Exposure Managements. Die Position verbindet strategische Verantwortung mit tiefem technischem Verständnis und legt den Fokus auf die realistische Bewertung von Risiken. Aufgaben umfassen Vulnerability Management, Attack Surface Management, Governance & Beratung sowie Organisation von Prozessen und Tool-Landschaft.","Zurück zur Jobsuche\nIT-Security Specialist (m\u002Fw\u002Fd) Vulnerability & Exposure Management Expert\n\nStandort:\nBayreuth, Bayern\nTryb pracy:\nFestanstellung\nJob Ref:\nBBBH120976_1781087231\nBewerben\nRolle\nGesucht wird eine erfahrene Persönlichkeit für den Ausbau und die Weiterentwicklung des unternehmensweiten Vulnerability- und Exposure Managements.\nDie Position verbindet strategische Verantwortung mit tiefem technischem Verständnis und legt den Fokus auf die realistische Bewertung von Risiken - über reine Tool-Ergebnisse hinaus.\n\nAufgaben\n\nVulnerability Management\n\n- Steuerung und Qualitätssicherung von Schwachstellenscans in komplexen IT-Umgebungen\n- Analyse und Validierung von Ergebnissen (z. B. False Positives\u002FNegatives, Scan-Abdeckung)\n- Technische Einordnung von Findings auf Systemebene (Linux & Windows)\n- Weiterentwicklung risikobasierter Scan- und Priorisierungsansätze\nAttack Surface Management\n\n- Analyse und Bewertung interner und externer Angriffsflächen auf technischer Ebene\n- Erkennen und Nachvollziehen neu entstehender Exposures durch Systeme, Schnittstellen und Abhängigkeiten\n- Technische Bewertung von Schwachstellen im Kontext realer Angriffswege (Exploitability, Systemkontext, Kritikalität)\nGovernance & Beratung\n\n- Enge Zusammenarbeit mit IT, Security und Architektur zur Priorisierung und Behebung von Risiken\n- Unterstützung bei internen und externen Prüfungen\n- Ableitung von Maßnahmen aus regulatorischen und internen Sicherheitsanforderungen\n- Erstellung entscheidungsrelevanter Reports und Kennzahlen für unterschiedliche Stakeholder\nOrganisation\n\n- Weiterentwicklung und technische Schärfung bestehender VM-\u002FExposure-Prozesse und Tool-Landschaft\n- Einbringen von Best Practices und technischem Know-how zur Steigerung der Erkennungs- und Bewertungsqualität\nProfil\n\n- Mehrjährige praktische Erfahrung im Vulnerability Management in komplexen IT-Umgebungen\n- Tiefes technisches Verständnis von Schwachstellenscans auf Betriebssystemebene\n- Erfahrung in der technischen Validierung und Einordnung von Scan-Ergebnissen\n- Fähigkeit, Schwachstellen entlang realer Risiken zu bewerten\n- Praxis im Exposure bzw. Attack Surface Management (intern & extern)\n- Sicher im Umgang mit regulatorischen Anforderungen sowie deren operativer Umsetzung\n- Strukturierte, analytische Arbeitsweise und die Fähigkeit, technische Sachverhalte verständlich zu vermitteln\n- Sehr gute Deutsch- und Englischkenntnisse in Wort und Schrift\n\nDas bietet Ihnen die Position\n\n- Die Stabilität eines etablierten Unternehmens kombiniert mit echtem Gestaltungsspielraum\n- Flexible Arbeitsmodelle mit der Möglichkeit, regelmäßig im Homeoffice zu arbeiten\n- Attraktives Vergütungs- und Leistungspaket inklusive betrieblicher Altersvorsorge\n- Fachliche und persönliche Entwicklungsmöglichkeiten in einem Umfeld mit Wachstumsperspektive\n\nIhr Kontakt\n\nPatrycja Zdrojewska\npatrycja.zdrojewska@harveynash.de\n01511 9760002\n\nBewerbenStellenanzeige teilen\n\nE-Mail: Patrycja.Zdrojewska@harveynash.de\nHi! Ich bin Patrycja\n\nIch bin für diesen Job verantwortlich.\nZu meinem Profil\nMehr Jobs von Patrycja\n\nHannover, Niedersachsen\nAnalytics Engineer (m\u002Fw\u002Fd) BI & Reporting\nHessen\nSenior DevOps \u002F Platform Engineer (m\u002Fw\u002Fd)\nBayreuth, Bayern\nIT-Security Specialist (m\u002Fw\u002Fd) Cyber-Security","IT-Security Specialist – Vulnerability & Exposure Management","Wir suchen einen erfahrenen IT-Security Specialist zur Weiterentwicklung und Leitung des unternehmensweiten Vulnerability- und Exposure Managements. Die Position verbindet strategische Verantwortung mit tiefem technischem Verständnis und konzentriert sich auf realistische Risikobewertung jenseits reiner Tool-Ergebnisse.\n\nIhre Aufgaben umfassen die Steuerung und Qualitätssicherung von Schwachstellenscans in komplexen IT-Umgebungen, die Analyse und Validierung von Scan-Ergebnissen sowie die technische Einordnung von Findings auf Systemebene (Linux & Windows). Sie bewerten interne und externe Angriffsflächen, erkennen neu entstehende Exposures und beurteilen Schwachstellen im Kontext realer Angriffswege.\n\nDarüber hinaus arbeiten Sie eng mit IT-, Security- und Architektur-Teams zusammen, unterstützen interne und externe Prüfungen und leiten Maßnahmen aus regulatorischen Anforderungen ab. Sie erstellen entscheidungsrelevante Reports für verschiedene Stakeholder und entwickeln bestehende Prozesse sowie die Tool-Landschaft kontinuierlich weiter.\n\nWir erwarten mehrjährige praktische Erfahrung im Vulnerability Management komplexer IT-Umgebungen, tiefes technisches Verständnis von Schwachstellenscans auf Betriebssystemebene und Kompetenz in der technischen Validierung von Scan-Ergebnissen. Erfahrung mit Exposure- und Attack Surface Management sowie Sicherheit im Umgang mit regulatorischen Anforderungen sind erforderlich. Eine strukturierte, analytische Arbeitsweise und die Fähigkeit, technische Sachverhalte verständlich zu vermitteln, runden das Profil ab. Sehr gute Deutsch- und Englischkenntnisse sind notwendig.\n\nDie Position bietet Stabilität eines etablierten Unternehmens mit echtem Gestaltungsspielraum, flexible Arbeitsmodelle mit Homeoffice-Möglichkeiten, attraktive Vergütung und Leistungspakete sowie Entwicklungschancen in einem wachstumsorientierten Umfeld.","de","BBBH120976_1781087231","https:\u002F\u002Fwww.harveynash.de\u002Fjobs\u002F297960-IT-Security-Specialist-mwd-Vulnerability-Exposure-Management-Expert-",{"items":35},[36,63,79,94,114,137,159,180,204,226,249,265,278,297,313],{"id":37,"slug":38,"title":39,"skills":40,"budget":18,"duration":18,"location":59,"onsitePercent":20,"contractType":60,"foundAt":61,"category":62},12058,"system-und-netzwerkadministrator-mwd","System- und Netzwerkadministrator (m\u002Fw\u002Fd)",[41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58],"Active Directory","Windows Server Administration","Linux Server Administration","Watchguard Firewall","Fortigate Firewall","VPN (IPSec)","Microsoft Azure","Microsoft 365","VMware","Hyper-V","Docker","PowerShell Scripting","Bash Scripting","VLAN","Routing","IT-Support","TISAX","KNX","Ahrensburg, Schleswig-Holstein","contracting","2026-06-10T10:27:01+00:00",{"id":24,"slug":25,"label":26},{"id":64,"slug":65,"title":66,"skills":67,"budget":18,"duration":75,"location":18,"onsitePercent":76,"contractType":60,"foundAt":77,"category":78},12046,"qualys-vulnerability-scanning-consultant-mwd","Qualys \u002F Vulnerability Scanning Consultant (m\u002Fw\u002Fd)",[68,69,70,71,72,73,74],"Qualys Vulnerability Management","Schwachstellenscanning","Scan Appliances","Qualys Agents","Netzwerk- und Firewall-Kenntnisse","Technische Umsetzungsmaßnahmen","Kommunikation und Abstimmung","7-9 months",0,"2026-06-10T10:16:19+00:00",{"id":24,"slug":25,"label":26},{"id":80,"slug":81,"title":82,"skills":83,"budget":18,"duration":18,"location":18,"onsitePercent":76,"contractType":60,"foundAt":92,"category":93},12044,"iam-operations-backfill-expert-mfd","IAM Operations Backfill Expert (m\u002Ff\u002Fd)",[84,41,85,86,87,88,89,90,91],"IAM Ticket Processing","EntraID","M365","English fluent","IT Support","Access Provisioning","JML Processing","Compliance Documentation","2026-06-10T09:50:50+00:00",{"id":24,"slug":25,"label":26},{"id":95,"slug":96,"title":97,"skills":98,"budget":18,"duration":18,"location":111,"onsitePercent":20,"contractType":60,"foundAt":112,"category":113},12028,"systemingenieur-penetration-testing-mwd","Systemingenieur Penetration Testing (m\u002Fw\u002Fd)",[99,14,100,101,102,103,104,105,106,107,108,109,110],"Penetration Testing","Schwachstellenmanagement","OWASP Top Ten","ISO\u002FIEC 27001","Nmap","Wireshark","Nessus","Kali Linux","Webapplikationen","Netzwerksysteme","Scripting","Linux","Wuppertal, Nordrhein-Westfalen","2026-06-10T09:25:34+00:00",{"id":24,"slug":25,"label":26},{"id":115,"slug":116,"title":117,"skills":118,"budget":18,"duration":133,"location":134,"onsitePercent":20,"contractType":60,"foundAt":135,"category":136},12001,"senior-vmware-omnissa-workspace-one-consultant-mwd","Senior (VMware) Omnissa Workspace One Consultant (m\u002Fw\u002Fd)",[119,120,121,122,123,124,125,126,127,128,129,130,131,132,16,17],"VMware Omnissa Workspace One","Omnissa Certified Administrator","Omnissa Certified Engineer","BSI Vorgaben","VS Umgebungen","Workspace ONE APIs","Automatisierung und Scripting","Dashboard-Entwicklung","Logfile Analyse","Endgerätesicherheit","Wellensteuerung","IT Security","Netzwerk","Virtualisierung","bis 31.12.2026 + Option","Köln","2026-06-10T07:45:30+00:00",{"id":24,"slug":25,"label":26},{"id":138,"slug":139,"title":140,"skills":141,"budget":18,"duration":18,"location":156,"onsitePercent":20,"contractType":60,"foundAt":157,"category":158},11982,"it-systemadministrator-mwd-6","IT Systemadministrator (m\u002Fw\u002Fd)",[41,142,143,144,49,145,146,147,148,149,150,151,152,14,153,154,155],"Windows-Systemadministration","Virtualisierungstechnologien","Microsoft Hyper-V","Citrix","Netzwerktechnologien","LAN","WAN","TCP\u002FIP","VPN","Backup","Recovery","Monitoring","Exchange","Datensicherheit","Stuttgart","2026-06-10T06:25:24+00:00",{"id":24,"slug":25,"label":26},{"id":160,"slug":161,"title":162,"skills":163,"budget":174,"duration":175,"location":176,"onsitePercent":177,"contractType":60,"foundAt":178,"category":179},11965,"mod-security-cleared-network-engineer","MOD Security Cleared Network Engineer",[164,165,166,167,168,169,170,171,172,173],"Network Engineering","LAN\u002FWAN configuration","Switching and routing","Firewalling","Voice infrastructure","Network security","VPNs","Cisco CCNA or equivalent","Racking and cabling","Load balancing","Negotiable","3 months with possible extension","Cumbria",100,"2026-06-09T16:50:30+00:00",{"id":24,"slug":25,"label":26},{"id":181,"slug":182,"title":183,"skills":184,"budget":18,"duration":18,"location":201,"onsitePercent":177,"contractType":60,"foundAt":202,"category":203},11938,"it-consultant-virtualisierung-vmware-mwd","IT-Consultant Virtualisierung & VMware (m\u002Fw\u002Fd)",[49,185,186,187,188,189,190,132,191,192,193,149,194,195,196,197,198,199,200],"vSphere","vCenter","ESXi","NSX-T","vSAN","VMware Cloud Foundation","Migration","Systemintegration","Netzwerkprotokolle","Troubleshooting","IT-Sicherheit","Cloud","Administration","Konfiguration","Design","Implementierung","Leipzig","2026-06-09T15:27:06+00:00",{"id":24,"slug":25,"label":26},{"id":205,"slug":206,"title":207,"skills":208,"budget":18,"duration":18,"location":223,"onsitePercent":18,"contractType":60,"foundAt":224,"category":225},11916,"oracle-database-engineer-mwd","Oracle Database Engineer (m\u002Fw\u002Fd)",[209,210,211,212,213,214,215,216,217,218,219,220,221,222],"Oracle DBA","Oracle Datenbanken 11g-19c\u002F23ai","RAC","Clusterware (CRS)","Exadata","Performance Tuning","RMAN","ASM","Data Guard","Flashback","Python","Ansible","Bash","KSH","Frankfurt am Main","2026-06-09T14:50:50+00:00",{"id":24,"slug":25,"label":26},{"id":227,"slug":228,"title":229,"skills":230,"budget":18,"duration":244,"location":245,"onsitePercent":246,"contractType":60,"foundAt":247,"category":248},11882,"system-engineer-mit-schwerpunkt-backup","System Engineer mit Schwerpunkt Backup",[231,232,233,234,235,236,237,238,239,240,241,242,243],"Storage-Systeme","Backup-Systeme","HP Alletra Storage","Dell Networker Backup","Windows Server","Linux RHEL","Fibrechannel","LTO Laufwerke","Bandsicherungssysteme","HP Proliant Server","Patch Management","Change Management","BMC Helix","bis 31.8.2027, Start asap\u002Fspätestens 1.7.","Rheinland-Pfalz",60,"2026-06-09T13:30:26+00:00",{"id":24,"slug":25,"label":26},{"id":250,"slug":251,"title":252,"skills":253,"budget":18,"duration":18,"location":262,"onsitePercent":20,"contractType":60,"foundAt":263,"category":264},11877,"it-support-scanner-scansoftware","IT-Support Scanner & Scansoftware",[197,254,255,256,56,257,198,110,258,153,131,259,260,109,261],"Automatisierung","Datenbanken","Firewall","Integration","MS SQL","PostgreSQL","PowerShell","Windows","Bamberg","2026-06-09T13:26:17+00:00",{"id":24,"slug":25,"label":26},{"id":266,"slug":267,"title":268,"skills":269,"budget":18,"duration":18,"location":275,"onsitePercent":177,"contractType":60,"foundAt":276,"category":277},11876,"it-systemadministrator-mwd-5","IT-Systemadministrator (m\u002Fw\u002Fd)",[41,235,48,270,154,271,272,273,274,56],"Intune","SharePoint","Cloud-Migration","MDM-Lösungen","Netzwerke","Elmshorn, Schleswig-Holstein","2026-06-09T13:26:08+00:00",{"id":24,"slug":25,"label":26},{"id":279,"slug":280,"title":281,"skills":282,"budget":18,"duration":293,"location":294,"onsitePercent":18,"contractType":60,"foundAt":295,"category":296},11831,"information-security-managernis2-mwd","Information Security Manager\u002FNIS2 (m\u002Fw\u002Fd)",[283,284,285,286,287,288,289,290,291,292],"ISO 27001","ISO 27002","ISO 27005","ISMS","NIS2","DSGVO","Risikomanagement","Audits","Projektmanagement","Informationssicherheit","sofort","Oberösterreich","2026-06-09T11:51:09+00:00",{"id":24,"slug":25,"label":26},{"id":298,"slug":299,"title":300,"skills":301,"budget":18,"duration":18,"location":18,"onsitePercent":18,"contractType":60,"foundAt":311,"category":312},11819,"it-administrator-wmd","IT-Administrator (w\u002Fm\u002Fd)",[302,303,304,305,306,307,220,308,153,309,310],"IT-Administration","Windows-Server","Linux-Server","SCCM","Wazuh","VMware vCenter","SIEM","Compliance","Security Operations","2026-06-09T11:35:16+00:00",{"id":24,"slug":25,"label":26},{"id":314,"slug":315,"title":316,"skills":317,"budget":18,"duration":18,"location":18,"onsitePercent":18,"contractType":60,"foundAt":325,"category":326},11818,"entra-id-experte-wmd","Entra ID Experte (w\u002Fm\u002Fd)",[318,319,48,320,321,271,270,49,50,322,323,324],"Microsoft Entra ID","Microsoft Active Directory","Exchange Online","Teams","Backup- und Restore-Konzepte","Second Level Support","Störungsanalyse","2026-06-09T11:35:09+00:00",{"id":24,"slug":25,"label":26}]