We are not your typical finance company. Sure, we work with numbers – but what really counts here are people, ideas and a strong security team. We believe in lean processes, smart automation, and pragmatic solutions – especially when it comes to IT Security.
As a player in the financial sector, we operate in a highly regulated, fast-moving environment where trust, stability, and innovation go hand in hand. Security isn't just an afterthought here – it's a core part of our DNA. From early design decisions to real-time monitoring, we aim for built-in, not bolted-on. We value clarity over complexity, action over endless analysis, and real impact over buzzwords.
We're building a culture where security professionals can take ownership, drive meaningful change, and work cross-functionally without unnecessary red tape. And yes – we have fun doing it.
We are currently expanding our Vulnerability Management capabilities and looking for a hands-on expert who knows how to handle the wild world of vulnerabilities.
Your mission at RBI:
* Be our go-to person for everything related to Vulnerability Management
* Ensure that vulnerabilities are not just found – but also assessed, prioritized, and addressed
* Coordinate and guide a team of DevOps colleagues involved in scanning, remediation, and automation workflows
* Collaborate closely with Infrastructure, AppSec and DevOps teams
* Build and maintain automation for identifying and tracking vulnerabilities
* Apply and integrate modern prioritization models like EPSS and SSVC – we're not just chasing CVSS 10s
* Drive the integration of scanners, platforms, and ticketing systems
* Help turn vulnerability reports into actionable insights – not just documents no one reads
Your core competencies:
* Hands-on experience with vulnerability scanners (e.g. Tenable or Qualys)
* Familiarity with vulnerability management platforms and integrations (e.g. ServiceNow)
* Understanding of vulnerability prioritization models like EPSS, SSVC, CVSS
* Solid scripting and automation skills (e.g. Python, PowerShell, Bash – whatever works)
* Strong general IT knowledge (Linux, Windows, networks, cloud – especially AWS or Azure)
* Experience working in highly regulated environments, ideally in the financial services sector
* Strong communication skills – you know how to translate complex security topics into actionable guidance
* A proactive, solution-oriented mindset
* One or more relevant security certifications such as CISSP, CISM, OSCP, Security+, GIAC, or equivalent
What's in it for you:
* Work Life Balance: flexible working hours (no core time), extensive hybrid working options / work from home, 30 days / year remote work from any EU-country outside Austria; up to 10-15 days of travel per year
* Easy Moving: work permit support
* Top-notch Equipment: modern tools & technologies
* International Spirit: multi-cultural teams, English as company language, team building events
* Learning & Agile Working: as part of our DNA & culture
* Canteen: healthy, tasty, and heavily subsidized
* Saving: with vouchers / discounts from our staff council (e.g. supermarket)
* Further Goodies: free public transport pass, salary account & credit card, reduced gym membership, gender-neutral parental leave, bilingual company kindergarten, child care during holidays etc.
* Salary: the offered gross yearly salary ranges starting Euro (basis full-time) including overtime, depending on qualification and experience.