Job description
Senior Expert - Vulnerability Management & Defensive Analytics
Role Summary
We're looking for an experienced and driven professional to join a global pharmaceutical brand within their Cyber Security team. Based just outside of Zurich, Switzerland, you will be working as the Senior Expert in Vulnerability Management and Defensive Analytics. In this role, you'll lead their enterprise-wide vulnerability management programme and take the lead on building and refining our threat detection and defensive analytics capabilities.
Your work will be central to identifying and reducing cyber risks, improving the resilience of their global IT systems, and supporting the overall growth of cyber maturity across the organisation.
Main Responsibilities
Lead Vulnerability Management: Oversee the full vulnerability management lifecycle, from discovery and analysis through to prioritisation, remediation tracking and reporting, across infrastructure and applications.
Threat Detection & Defensive Analytics: Build and refine detection rules, threat models and behavioural analytics using data from SIEM, EDR and other sources.
Enhance Security Posture: Work closely with infrastructure, development and business teams to drive remediation, hardening and other risk-reduction activities.
Prioritise Based on Risk: Interpret vulnerability data alongside threat intelligence, exploitability, system criticality and business context.
Improve Efficiency Through Automation: Connect vulnerability and analytics tools with automation platforms to streamline processes.
Mentor & Lead: Offer support and guidance to less experienced team members and act as a subject matter expert in defensive cyber operations.
Reporting & Metrics: Define performance indicators and produce clear dashboards and reports for leadership to demonstrate the impact and maturity of the programme.
Key Experience Required
At least 8 years of experience in IT, ideally in areas like systems development, network operations, or security engineering.
Minimum 3 years specialising in vulnerability management, ideally in a manufacturing environment.
Proficient with scanning tools such as Tenable, Qualys or Nexpose, and familiar with remediation processes in large organisations.
Strong understanding of threat modelling, the MITRE ATT&CK framework, and CVSS scoring.
Comfortable scripting in Python or PowerShell to support automation and analysis tasks.
Good working knowledge of vulnerabilities in Windows, Linux, and networking environments.
Able to work across a range of environments including traditional IT, cloud, and operational technology (OT) networks.
Experience using security frameworks (CIS, NIST) to assess and improve technical controls and system hardening.
Strong communication and analytical skills, with the ability to clearly explain technical issues to both technical and non-technical audiences.
Previous experience working in regulated industries such as healthcare or pharmaceuticals.
Familiarity with cloud security (AWS, Azure) and container security is an advantage.
Qualifications
A degree in Information Security, IT or a related field.
Ideally you will hold one or more security certifications (e.g. ISC2, ISACA, SANS, CREST CCTIM/CCIM, or relevant vendor credentials).
If you are interested in the position, please APPLY NOW, and send us an up to date copy of your resume.
