Vulnerability Assessment Specialist

Vulnerability Assessment Specialist

Req Id: 20486

Job Family: Cybersecurity, Risk, Process and Control

Location:

Amsterdam (Schiphol), NL, 118CL

Additional Location:

Description:

Imagine your career taking you to the depths of innovation and the heights of impact. Our people enable continuous progress. Their commitment, collective expertise, and unique capabilities are the engine room behind SBM Offshore's True. Blue. Transition. - shaping the future of energy, and beyond.

About Us:

SBM Offshore is the world's deepwater ocean-infrastructure expert. Our work is already resulting in cleaner, more efficient energy production. True. Blue. Transition. is our promise to enable that into the future while at the same time using our expertise to support new and existing markets in the blue economy. It starts with Advancing our Core: continuing to advance the decarbonization of traditional energy production. While Pioneering More: helping to enable the energy transition and using our unique capabilities in ocean infrastructure to support more industries to grow sustainably. Sharing our experience for a better blue tomorrow.

Purpose

• As a Vulnerability Management Specialist, you are responsible for leading the efforts to continuously identify, assess,

  and manage the organization's IT and OT threat attack surface exposure. T You will work closely with other IT & OT

  security teams to prioritize remediation efforts and ensure the overall security posture of the organization. The role

  requires a strong understanding of vulnerability management, penetration testing, and attack surface monitoring

  tools.

Responsibilities

• Lead or participate in security assessments, vulnerability management, and penetration testing initiatives, following

  best practice according to industry standards like ISO 27001, NIST, and GDPR.

• Continuously discover and catalog internet-facing and critical assets on both IT and OT to ensure full visibility of SBM's

  external footprint. Maintain an accurate and up-to-date inventory that reflects changes in the digital landscape.

• Assess discovered assets for misconfigurations, vulnerabilities, and potential exposures. Prioritize identified risks based

  on safety, business impact, and exploitability, as well as relevant threat intelligence.

• Work with the risk assessment team to Assess the risk associated with identified vulnerabilities.
• Stay up-to-date on the latest vulnerabilities and security threats.
• Develop and maintain vulnerability management policies and procedures
• Competent experienced in in deploying, managing, troubleshooting and operationalizing vulnerability managements

  tools.

• Lead the integration of vulnerability findings with threat intelligence to detect active threats and adversary activity.
• Lead coordination with cross-functional teams to ensure timely remediation of vulnerabilities and exposures on both

  IT and OT. Facilitate prioritization based on risk, business impact, and threat context, while driving accountability and

  tracking progress across remediation workflows.

• Design and build dashboards within vulnerability management platforms to visualize asset risk, remediation progress,

  and exposure trends Ensure dashboards are technically robust, stakeholder-aligned, and support data-driven decisionmaking.

• Work closely with system and network administrators to close the identified vulnerabilities and harden configurations. management best practices.

Education

• Bachelor's Degree: A bachelor's degree in computer science, information technology, cybersecurity, or a related field is

  required.

• Master's Degree: A master's degree in cybersecurity, information technology, or a related field is preferred but not

  mandatory.

• Certifications: Relevant certifications such as CISSP (Certified Information Systems Security Professional), Security+,

  CEH (Certified Ethical Hacker), IEC62443 certifications are preferred.

• Language Proficiency: Proficiency in English is essential for effective communication with team members,

  stakeholders, and external vendors..

Experience

• Minimum Experience: At least 5 years of experience in IT security, information security management, or a related field,

  with at least 3 years in a vulnerability management role.

• Technical Skills: Proven experience with continuous threat exposure management, attack surface management, and

  vulnerability management solutions.

• Knowledge Areas:

  Strong understanding of security frameworks and standards such as ISO 27001, NIST, IEC62443 and GDPR.

  Experience with security technologies including firewalls, intrusion detection/prevention systems, antivirus software,

  and encryption tools.

  Experience with vulnerability scanning tools (e.g., Nessus, Tenable, Hexagon).Team Collaboration: Strong collaboration

  and interpersonal skills, with the ability to work effectively within cross-functional teams in dynamic environments.

• Communication Skills: Excellent communication and interpersonal skills, with the ability to liaise effectively with

  stakeholders at all levels of the organization.

• Certifications: Certifications such as CISSP, Security+, or CEH are preferred.
• Continuous Improvement: Commitment towards continuous learning and professional development in the field of

  cybersecurity.

Functional Competencies

GENERAL INFORMATION

SBM Offshore N.V. is a listed holding company that is headquartered in Amsterdam. It holds direct and indirect interests in other companies that collectively with SBM Offshore N.V. form the SBM Offshore Group ("the Company"). For further information, please visit our website at www.sbmoffshore.com. The companies in which SBM Offshore N.V., directly and indirectly, owns investments are separate entities.

SBM Offshore is proud to be an Equal Employment Opportunity and Affirmative Action employer. SBM Offshore does not discriminate on the basis of race, religion, color, sex, gender identity, sexual orientation, age, non-disqualifying physical or mental disability, national origin, veteran status, or any other basis covered by appropriate law. All employment is decided on the basis of qualifications, merit, and business need.