We are looking for aSecurity Engineerto join our Client's team under ahybridwork model (once per week in the office in Lisbon).
At Hexa Consulting, we are more than an IT consulting company — we are a place where technological talent grows.
Based in Portugal, we value transparency and a people-first approach, helping professionals take the next big step in their IT careers.
Our mission is to build strong relationships and support the development of every team member.
With projects in Nearshore, Time & Material, Service Management, and Tech Academies, you will find opportunities to learn, innovate, and grow in your career.
Key Responsibilities:
Operate and continuously improve the vulnerability management lifecycle, from identification to validation and closure
Manage and maintain vulnerability scanning tools for servers, endpoints, cloud, and containerized environments
Analyse vulnerability data, prioritize findings based on business impact, and coordinate remediation with asset owners
Develop and maintain dashboards, metrics, and management reports related to vulnerability status and risk exposure
Support compliance initiatives related to ISO *****, NIS2, and internal audit requirements
Collaborate with DevSecOps and Infrastructure teams to automate scanning and patch validation workflows
Participate in threat and vulnerability assessments for new systems and third-party integrations
Required Qualifications:
3 – 5 years of experience in cybersecurity engineering, vulnerability management, or system hardening
Solid knowledge of common vulnerability scanning tools such as Tenable, Qualys, Rapid7, or OpenVAS
Strong understanding of system and network security fundamentals across Linux, Windows, and cloud platforms (AWS, Azure)
Strong analytical skills with the ability to interpret complex data and communicate findings clearly
Proficiency in English, both written and spoken
Experience with ticketing systems and risk tracking tools for vulnerability remediation workflows
Experience with project management practices or methodologies
Bachelor's degree in Information Security, Computer Science, or equivalent professional experience
Preferred Qualifications:
Industry certifications such as CompTIA Security+, CEH, GSEC, or Vendor Certified Practitioner
Familiarity with SIEM platforms, configuration management, or threat intelligence integration
Experience working in enterprise or multinational environments
Scripting or automation experience using Python, PowerShell, or Bash
Why Join Us?
Contract Type:Permanent / Employment or B2B, according to preference
Health Insurance:Comprehensive coverage for your well-being
Hybrid Model:Flexible hybrid work arrangement
Continuous Learning:Access to a Udemy Business subscription with thousands of courses and workshops
Team Culture:A collaborative, relaxed, and innovative environment
If you meet the above criteria and are ready for an exciting opportunity in a dynamic environment, send us your CV!