Manager IT Security - Vulnerability Management and Pentesting

ista SE
Essen, Germany
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English, German

Job location

Essen, Germany

Tech stack

Kubernetes Security
API
Software System Penetration Testing
Burp Suite
Cloud Computing
Cloud Computing Security
Computer Security
Identity and Access Management
Information Technology Operations
NMap
Secure Coding
Software Engineering
Software Vulnerability Management
Cloud Platform System
Information Technology
Nessus

Job description

Manager IT Security (m/f/d) - Vulnerability Management and Pentesting IT / Essen Headoffice / Hybrid / Vollzeit / iSE02706

Welcome to ista

At ista, we support property owners and managers in making their buildings fit for the future and kind to the planet. That includes tracking and billing energy consumption in a way that's easy to grasp, to help save energy and cut CO emissions. With over 6,600 employees in 21 countries, we're committed to making it happen. Join us and help shape tomorrow, secure in the knowledge that you're part of a successful company that also offers you the flexibility of agile working practices.

Everyone is welcome at ista, regardless of age, gender, background, sexual orientation, religion, or disabilities. We're proud to be part of a diverse team. Fostering a culture of team spirit and togetherness, we are always there for one another. We set great store by ensuring a healthy work-life balance for our people. Plus, we offer each and every employee the opportunity to pursue further training and personal development.

Here's what you can look forward to

  • You drive the continuous development of our technical Vulnerability and Exposure Management capabilities and contribute to the sustainable reduction of security risks across the organization
  • You operate, optimize, and further enhance our Tenable- based security tool landscape, including dashboards, reporting, training initiatives, and KPI- driven analytics
  • Through the analysis of vulnerabilities, misconfigurations, and security risks across IT systems, applications, cloud environments, and infrastructure, you derive effective remediation strategies and risk mitigation measures
  • You lead the planning and coordination of penetration testing activities across web, API, cloud, mobile, and infrastructure environments, helping to proactively identify and mitigate security vulnerabilities
  • Close collaboration with tibes, squads, product owners, and IT operations teams enables you to support risk prioritization, SLA compliance, and the sustainable implementation of remediation measures
  • You manage and optimize processes related to security exceptions, risk acceptances, and compensating controls, while embedding security requirements early into development and operational processes, particularly in areas such as Secure Development Lifecycle, third- party components, container security, and cloud security
  • Working closely with internal and external stakeholders, you prepare management- ready security insights and represent IT security in projects, technical discussions, and cross- functional initiatives

What we require of you

  • Several years of experience in IT security, ideally with a focus on vulnerability management, exposure management, cloud security, or security operations, form the foundation of your profile
  • A solid understanding of modern IT and cloud architectures, identity and access management, software development, and operational IT processes enables you to navigate complex security environments with confidence
  • Hands-on experience with industry- leading security tools, such as Tenable, Burp Suite, Nmap, Nessus, or OWASP ZAP, allows you to transform security data into meaningful analyses, reports, and actionable recommendations
  • Technical, regulatory, and internal security requirements are translated into pragmatic processes, effective controls, and sustainable security measures
  • In-depth knowledge of common attack techniques, vulnerabilities, and corresponding countermeasures, combined with practical experience in conducting web, API, cloud, and infrastructure penetration tests, rounds out your technical expertise
  • A structured, analytical, and solution- oriented mindset, paired with the ability to communicate complex topics clearly and effectively to different audiences, distinguishes your way of working
  • Strong initiative, consulting skills, and a collaborative mindset enable you to thrive in an international environment; professional fluency in English is essential, while German language skills are considered an advantage

What we offer you

  • Do the right thing with purpose and a future: Our services save CO2 and protect the environment - we are working for a sustainable world of tomorrow
  • Enjoy many benefits: Look forward to an attractive salary, 30 days' vacation per year and flexible working hours, including the opportunity to work up to 50% of the week on a mobile basis
  • Secure good prospects for yourself: We are an internationally successful company with agile working methods and an open corporate culture; our future course offers you long-term and excellent career options
  • Stay curious and develop yourself further: Standing still is not an option for us, which is why we support you in every aspect of your development - a variety of learning opportunities await you
  • Experience a working environment full of trust: We all pull together
  • Have fun in a motivated team: Whether it's a barbecue event, international soccer cup or ice cream for everyone in summer - we always come up with something new, so stay tuned!

Contact

ista SE Madeleine Fluchtmann Luxemburger Straße 1 | 45131 Essen Bewerbermanagement@ista.com

Apply online now! ista.de/karriere

Requirements

  • Several years of experience in IT security, ideally with a focus on vulnerability management, exposure management, cloud security, or security operations, form the foundation of your profile
  • A solid understanding of modern IT and cloud architectures, identity and access management, software development, and operational IT processes enables you to navigate complex security environments with confidence
  • Hands-on experience with industry- leading security tools, such as Tenable, Burp Suite, Nmap, Nessus, or OWASP ZAP, allows you to transform security data into meaningful analyses, reports, and actionable recommendations
  • Technical, regulatory, and internal security requirements are translated into pragmatic processes, effective controls, and sustainable security measures
  • In-depth knowledge of common attack techniques, vulnerabilities, and corresponding countermeasures, combined with practical experience in conducting web, API, cloud, and infrastructure penetration tests, rounds out your technical expertise
  • A structured, analytical, and solution- oriented mindset, paired with the ability to communicate complex topics clearly and effectively to different audiences, distinguishes your way of working
  • Strong initiative, consulting skills, and a collaborative mindset enable you to thrive in an international environment; professional fluency in English is essential, while German language skills are considered an advantage

About the company

ista macht Gebäude für Bewohner und Besitzer nachhaltig wertvoll. Dazu managen wir Daten und Prozesse, durch die Immobilien klimafreundlich, sicher und komfortabel werden. Bewohner und Besitzer können mit unseren Produkten und Services Energie sparen und gemeinsam zum Klimaschutz beitragen.

Die Basis für unsere Produkt- und Service-Welt ist digital. Als Innovationstreiber richten wir unsere Infrastruktur konsequent auf das Internet of Things aus. Wir haben bereits heute weltweit über 28 Millionen Connected Devices im Einsatz und entwickeln Lösungen für das intelligente und energieeffiziente Gebäude von morgen.

Die erweiterte ista Gruppe beschäftigt rund 6.000 Menschen in 22 Ländern, unsere Produkte und Services werden weltweit in über 13 Millionen Nutzeinheiten (Wohnungen und Gewerbeimmobilien) bei mehr als 400.000 Kunden eingesetzt.

Wir begrüßen den Austausch auf unserem Kanal und freuen uns über Fragen, Anregungen und offene Diskussionen. Wir schätzen einen respektvollen Umgang miteinander. In diesem Zusammenhang möchten wir auf unsere Community-Regeln hinweisen: https://www.ista.com/de/unternehmen/community-regeln/

Wir bei ista schätzen Vielfalt und Inklusion. Daher legen wir in unserer Kommunikation großen Wert auf eine gendersensible Sprache, mit der wir alle Geschlechter respektvoll ansprechen und repräsentieren möchten. Dafür nutzen wir den Doppelpunkt. Wo es nicht um konkrete Personen, sondern um Gruppen oder Körperschaften geht, verwenden wir zum Teil weiterhin die männliche Form. Dies gilt insbesondere für fachlich oder vertraglich etablierte Begriffe, diese schließen per definitionem Angehörige aller Geschlechter ein.

Bestens informiert: per Newsletter – hier geht’s zur Anmeldung: ista.de/newsletter

Apply for this position