Vulnerability Management Expert (f/m/x)

We are not your typical finance company. Sure, we work with numbers – but what really counts here are people, ideas and a strong security team. We believe in lean processes, smart automation, and pragmatic solutions – especially when it comes to IT Security.

As a player in the financial sector, we operate in a highly regulated, fast-moving environment where trust, stability, and innovation go hand in hand. Security isn’t just an afterthought here – it’s a core part of our DNA. From early design decisions to real-time monitoring, we aim for built-in, not bolted-on. We value clarity over complexity, action over endless analysis, and real impact over buzzwords.

We’re building a culture where security professionals can take ownership, drive meaningful change, and work cross-functionally without unnecessary red tape. And yes – we have fun doing it.

We are currently expanding our Vulnerability Management capabilities and looking for a hands-on expert who knows how to handle the wild world of vulnerabilities.

Your mission at RBI:

• Be our go-to person for everything related to Vulnerability Management
• Ensure that vulnerabilities are not just found – but also assessed, prioritized, and addressed
• Coordinate and guide a team of DevOps colleagues involved in scanning, remediation, and automation workflows
• Collaborate closely with Infrastructure, AppSec and DevOps teams
• Build and maintain automation for identifying and tracking vulnerabilities
• Apply and integrate modern prioritization models like EPSS and SSVC – we’re not just chasing CVSS 10s 😉
• Drive the integration of scanners, platforms, and ticketing systems
• Help turn vulnerability reports into actionable insights – not just documents no one reads

Your core competencies:

• Hands-on experience with vulnerability scanners like (e.g. Tenable or Qualys)
• Familiarity with vulnerability management platforms and integrations (e.g. ServiceNow)
• Understanding of vulnerability prioritization models like EPSS, SSVC, CVSS
• Solid scripting and automations skills (e.g. Python, PowerShell, Bash – whatever works)
• Strong general IT knowledge (Linux, Windows, networks, cloud – especially AWS or Azure)
• Experience working in highly regulated environments, ideally in the financial services sector
• Strong communication skills – you know how to translate complex security topics into actionable guidance
• A proactive, solution-oriented mindset
• One or more relevant security certifications such as CISSP, CISM, OSCP, Security+, GIAC, or equivalent

What's in for you:

• Work Life Balance: flexible working hours (no core time), extensive hybrid working options / work from home, 30 days / year remote work from any EU-country outside Austria; up to 10-15 days of travel per year
• Easy Moving: work permit support
• Top-notch Equipment: modern tools & technologies
• International Spirit: multi-cultural teams, English as company language, team building events
• Learning & Agile Working: as part of our DNA & culture 
• Canteen: healthy, tasty, and heavily subsidized
• Saving: with vouchers / discounts from our staffs' council (eg. supermarket)
• Further Goodies: free public transport pass, salary account & credit card, reduced gym membership, gender-neutral parental leave, bilingual company kindergarten, child care during holidays etc. 
• Salary: the offered gross yearly salary ranges starting 60.000 Euro (basis full-time) including overtime, depending on qualification and experience.

For questions regarding our application process, please feel free to take a look on our website or check out our FAQ.   Your contact: Johannes Stadler Talent Acquisition Team