Specialist Information Security Engineer – Vulnerability Management Analyst
## **Career Category**Information Systems## ## **Job Description**## **The Amgen Capability Center in Lisbon, Portugal (ACCP**) will be home to over 300
- national and
- cultural employees, representing a broad range of
- functional capabilities, including Commercial, General and Administrative, Information Systems, Research and Development and more. The ACCP will offer rich career growth and development opportunities, regional and global exposure and the opportunity to LIVE, WIN and THRIVE in one of Europe’s most attractive cities. ## Our ACCP offices will be temporarily located at the Maleo – Saldanha, Av. da República 18, 1050-191 Lisbon, while we work toward finding a permanent office in the vibrant city center of Lisbon. ## If you feel like you’re part of something bigger, it’s because you are. At Amgen our shared mission—to serve patients—drives all that we do. It is key to our becoming one of the world’s leading biotechnology companies. We are global collaborators who achieve together—researching, manufacturing and delivering
- better products that read over 10 million patients worldwide. It’s time for a career you can be proud of. Join us. ## **Specialist Information Security Engineer – Vulnerability Management Analyst**## ## **LIVE**## **What will you do:**## This role is focused on identifying, assessing, prioritizing, and tracking the remediation of vulnerabilities across the organization’s technology stack. The Vulnerability Management Analyst plays a key role in the security operations team by ensuring known vulnerabilities are managed through their lifecycle using structured processes and tools. The individual will analyze vulnerability scan data, correlate threat intelligence (e. g. , KEV, EPSS), and work closely with infrastructure, application, and business teams to drive
- based remediation. ## **Additional responsibilities:*** ## Lead the analysis and validation of vulnerability scan results from enterprise tools such as Tenable. sc, Qualys VMDR, or Rapid7 Insight
VM, ensuring false positives are triaged and risk assessed accurately. * ## Develop and refine vulnerability prioritization frameworks that integrate CVSS v3. 1, KEV, EPSS, asset criticality, exploit availability, and environmental factors to focus remediation on the most critical risks. * ## Partner closely with infrastructure, Dev
Ops, and application security teams to drive timely remediation and provide
- level technical guidance on compensating controls, configuration hardening, and patch deployment strategies. * ## Integrate threat intelligence feeds and SIEM data to correlate vulnerabilities with
- world exploit trends and potential attack vectors in the environment. * ## Build and maintain executive dashboards and risk metrics that measure vulnerability exposure, remediation SLAs, and program maturity for leadership and compliance reporting. * ## Oversee cloud vulnerability management activities across AWS, Azure, and GCP using tools such as Prisma Cloud, AWS Inspector, or Microsoft Defender for Cloud. * ## Contribute to and enhance vulnerability management policies, standards, and operating procedures aligned with frameworks such as NIST CSF, ISO 27001, and CIS Controls. * ## Support audit readiness and provide evidence for internal and external audits (e. g. , SOX, PCI DSS, ISO 27001). * ## Mentor junior analysts in best practices for vulnerability analysis, prioritization, and remediation coordination. ## ## **WIN**## **What we expect from you:*** ## Bachelor’s degree with 1–2 years of experience in Cybersecurity, Information Systems, or related technical discipline OR* ## Bachelor’s degree with 4–6 years of experience in Cybersecurity, Information Systems, or related technical discipline OR* ## Diploma with 7–9 years of experience in vulnerability management, security operations, or threat and risk management* ## Strong
- on experience with
- grade VM tools (Tenable. sc, Qualys VMDR, or Rapid7 Insight
VM)* ## Proven experience developing or managing vulnerability management programs across hybrid infrastructure (on-prem and cloud)## **Functional Skills:**## **Must-Have Skills:*** ## Advanced understanding of the vulnerability lifecycle, remediation workflows, and
- based prioritization. * ## Expertise with CVSS, KEV, EPSS, and asset criticality modeling. * ## Strong understanding of network, OS, application, and cloud security architectures. * ## Ability to correlate vulnerabilities with threat intelligence and adversary tactics (MITRE ATT&CK framework). ## ## **Good-to-Have Skills:*** ## Experience integrating vulnerability data with SIEM, CMDB, or GRC platforms (e. g. , Splunk, Service
Now, Archer). * ## Exposure to vulnerability risk quantification or attack surface management platforms. ## **Professional Certifications required:*** ## Comp
TIA Security+ or Cy
SA+* ## GIAC GSEC / GCIH* ## Qualys Vulnerability Management Specialist (QVMS)* ## Tenable Certified Nessus Auditor (TCNA)* ## AWS Certified Security – Specialty or Azure Security Engineer Associate## **Soft Skills:*** ## **Leadership & Mentoring:** Capable of guiding junior analysts and fostering a culture of proactive security improvement. * ## **Analytical Thinking** – Ability to interpret complex data sets and assess risk effectively* ## **Attention to Detail** – Precision in identifying and tracking vulnerabilities and remediation status* ## **Communication Skills** – Ability to communicate technical findings to both technical and
- technical audiences* ## **Collaboration & Teamwork** – Able to work across IT, Dev
Ops, and security teams to drive resolution* ## **Cross-Functional Influence:** Strong collaboration across security, IT, Dev
Ops, and compliance teams. * ## **Curiosity & Continuous Learning** – Willingness to stay current with evolving threats and technologies* ## **Problem-Solving Mindset** – Capability to identify solutions to security weaknesses in diverse environments## ## **THRIVE**## **WHAT YOU CAN EXPECT OF US**## • Vast opportunities to learn, develop, and move up and across our global organization. ## • Diverse and inclusive community of belonging, where colleagues are empowered to bring ideas to the table, take risks, and act. ## • Generous Amgen Total Rewards Plan comprising healthcare, finance, wealth and career benefits. ## • Flexible work arrangements. ## ## **APPLY NOW FOR A CAREER THAT DEFIES IMAGINATION**## In our quest to serve patients above all else, Amgen is the first to imagine, and the last to doubt. Join us. ## **CAREERS. AMGEN. COM**## ## **EQUAL OPPORTUNITY STATEMENT**## Amgen is an Equal Opportunity employer and will consider you without regard to your race, colour, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status. ## We will ensure that individuals with disabilities are provided a reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request an accommodation. .
#J-18808-Ljbffr
- Informações detalhadas sobre a oferta de emprego
Empresa: Amgen Inc. (IR) Localização: Lisboa
Lisboa, Lisboa, PortugalPublicado: 31. 10. 2025
Vaga de emprego atual
Seja o primeiro a candidar-se à vaga de emprego oferecida!