Security IT-Consultant (m/f/d) with Service Now/ Infoblox ID26249-2

Security IT-Consultant (m/f/d) with Service Now/ Infoblox  ID26249-2

Duration :  19.05.2025 – 30.09.25

Volume : 776 h (40h/week)

Location : remote

Project name: Vulnerability Management Service Optimization

Project description: The Vulnerability Management Service Optimization project is covering the elimination of the detected software vulnerabilities in the customers business systems and external resources. This includes remediation of the vulnerabilities in business applications (on-prem and cloud-based), operating systems (e.g. Windows, Linux), auxiliary software, network devices, web resources and other devices identified by network scanning. The aim of the project is to reduce the overall attack surface (internal and external) thus improving security posture and minimizing risks of a customer IT landscape penetration and compromising.

Planned project duration for the entire project (start/end): September 2021 – December 2025.

Tasks

- Analysis of security concepts provided by the threat and vulnerability management team in order to identify vulnerabilities in all software layers, outdated, obsolete and not supported technologies, security gaps and insufficiencies of the existing security measures. Assessment, prioritization and presentation of the results to customer Cyber Defense Center (CDC) accordingly, including provision of professional consulting about how to provide a sufficient security level of the vulnerable resources corresponding to the existing security standards and best practices along with corresponding measures.

- Provision of professional consultation to the business teams involved in the remediation regarding the ways of remediation of the detected security flaws and vulnerabilities, providing root causes and technical information required for vulnerabilities remediation; provision of the above mentioned professional consultation by email, in virtual meetings via MS teams or by phone based on own professional experience. Presentation of the project progress to customer made visible by the amount of detected vulnerabilities processed from the queue.

- Provision of professional consultancy to external parties and service providers involved in the vulnerabilities remediation process (consultation regarding vulnerabilities) with the aim of controlling and validation of the timelines and the quality of the offered and implemented remediation. The quality standards are defined by the industry standards – ENISA, NIST or ISO 27001. Additional confirmation of the remediation is done by cybersecurity scanners and tools provided by customer Cyber Defense Center in advance.

- Provision of professional expert consultation to teams on how to avoid potential security flaws / vulnerabilities on the supported resources by means of the system hardening and a proper service configuration. The guidance is based on industry best practices (defined in international standards) and customer Information Security Vulnerability Management Procedure provided by customer in advance.

- Steering the escalation activities related to the vulnerability management by using best practices principles according to industry, testing, understanding of frameworks provided by NIST, ISO27001, ENISA. Provision of technical consultation to the CDC team to adequately cope with security risks connected with the detected flaws and vulnerabilities and their mitigation. The process of escalations are handled fully by the CDC team.

- Documentation of all vulnerability remediation tasks taken in the project, their initial and current states, working time spent as well as planned / scheduled actions (in Word, Excel, OneNote). Our customer signs off the documentation.

Clear appearance as an external consultant of customer  whenever interacting with external parties.

Skills:

Must have: At least 5 years of professional experience with IT security in larger companies.

Nice to have: Knowledge of Service Now and Infoblox.

Please submit profiles in German or English!