Job Description

Vulnerability Management Specialist / Consultant (VMS) - EY GDS Spain - Hybrid

The opportunity

Vulnerability Management is a core pillar of modern cybersecurity. In this role, you manage vulnerabilities end to end – from identification and risk-based prioritization to sustainable risk reduction. You operate at the intersection of technology, operations, and management, enabling informed security decisions and measurable improvement of the organization’s attack surface.

In addition, you help design and roll out vulnerability management landscapes (tooling, processes, integrations, and operating models) to establish scalable, repeatable capabilities across environments.

As a member of our team in the EY GDS Spain office in Malaga, you’ll have a chance to extend your knowledge & experience by working on interesting projects with the newest technologies and approaches. You’ll support clients in choosing the most suitable business solution and take part in digital transformation.

Your key responsibilities

· Design, operate, and continuously improve an end-to-end vulnerability management process

· Design and roll out vulnerability management landscapes: tooling strategy, target architecture, integrations (e.g., ITSM), and operating model

· Continuously identify, consolidate, and assess vulnerabilities across technical systems and environments

· Perform risk-based prioritization by considering technical and organizational context (asset criticality, exposure, compensating controls, business impact)

· Coordinate and track remediation activities with responsible teams and stakeholders

· Maintain transparency on status, progress, exceptions, and accepted risks

· Prepare structured reporting for operational, tactical, and strategic stakeholders (status, risk, trends, KPIs)

· Support internal reviews, audits, management assessments, and decision-making processes

· Continuously optimize vulnerability management processes, methods, and metrics to improve maturity and measurable outcomes

Skills and attributes for success

· Structured, analytical, and self-driven working style with strong ownership

· Ability to communicate complex technical topics clearly and effectively to diverse stakeholders

· Strong coordination and stakeholder management skills across technology, operations, and management

· High sense of responsibility and quality awareness; focus on auditability and traceability

· Ability to translate security requirements into operationally feasible remediation plans and measurable progress

To qualify for the role, you must have

· 1 - +2 years of experience in vulnerability management, security management, or IT security

· Solid understanding of IT infrastructures, platforms, and system environments

· Experience with vulnerability lifecycle management from detection through remediation, verification, and risk acceptance

· Completed education or degree in a technical or information-technology related field (or equivalent practical experience)

· English at least B2 (written and spoken) is required.

Ideally, you’ll also have

· Hands-on experience with vulnerability management platforms such as Tenable and/or Qualys (nice to have)

· German language skills (nice to have)

· Experience working in regulated environments and/or supporting audit and compliance requirements

· Familiarity with common scoring and prioritization approaches (e.g., CVSS as an input to risk-based prioritization) and KPI-driven reporting

· Experience collaborating with engineering, operations, and service management teams in complex environments

What we look for

We look for proactive owners who turn vulnerability data into action—connecting engineers, operations, and leaders to drive risk down. You communicate crisply, keep stakeholders aligned, and build repeatable, audit-ready processes that hold up under pressure. If you enjoy creating clarity from complexity and delivering measurable reduction in exposure, you’ll thrive here.

What we offer

In EY GDS Spain, we’re committed to fostering a vibrant environment where every team member can thrive. We provide a space for continuous learning and the flexibility to define your own success, empowering you to make a meaningful impact in your own way. Our diverse and inclusive culture values who you are and encourages you to help others find their voice.

Additionally, here’s what makes us stand out:

• Empowering Career Development Unlock your potential with tailored training and development programs designed to elevate your skills and propel your career forward. We invest in your growth because your success is our success.
• Flexible Work-Life Integration Enjoy the freedom of our hybrid work model, allowing you to blend professional responsibilities with personal passions. We understand that life is more than just work, and we support you in achieving that balance.
• Comprehensive Well-Being Programs Prioritize your health with our extensive wellness initiatives, including psychological support sessions and health resources. At EY GDS Spain, your well-being is at the heart of what we do.
• Meaningful Volunteering Opportunities Make a difference in your community through our engaging volunteering programs. Join us in giving back and creating a positive impact while building connections with like-minded colleagues.
• Recognized Performance and Rewards Celebrate your achievements with our recognition programs that honor both individual and team successes. We believe in acknowledging hard work and dedication, ensuring you feel valued every step of the way.
  
  

Join us at EY GDS Spain, where your journey is supported, your contributions are celebrated, and your future is bright.

To learn more about what we offer, visit our Careers in Global Delivery Services | EY - Global

About EY GDS

EY Global Delivery Services (EY GDS) is a dynamic and truly global delivery network of over 75,000 people working across the world, to provide innovative and strategic business solutions to our clients worldwide. We play a vital role in growth strategy, helping our clients become agile and efficient, and helping fulfill our purpose to build a better working world.

From accountants to coders, we offer a wide variety of fulfilling career opportunities that span all business disciplines. We look for skills that are evergreen and our roles evolve with industry trends. We also work across Finance, Business Development, Technology, Talent, Procurement and Risk Management functions to help our teams operate as efficiently and effectively as possible.

Across our 10 locations and 21 cities, we work with teams from all service lines, geographies, and sectors. We operate in Argentina, Hungary, India, the Philippines, Poland, Sri Lanka, Mexico, Spain and the United Kingdom.

Our EY GDS Spain office is located at Malaga Technology Park and currently employs over 1000 people.

If you are interested in being part of our team, we kindly invite you to submit your CV in English to apply for this position.

The exceptional EY GDS experience. It’s yours to build.