Vulnerability Manager
Luxembourg, LU
On site
Full time
Your future team
You’ll join a cross-functional team that works closely with IT operations, development, and compliance to keep our systems safe. Our culture is collaborative and transparent: we share knowledge, challenge ideas, and support each other in solving complex security issues.
You’ll be a key player in driving vulnerability remediation initiatives and helping the business make informed risk-based decisions.
The advantages of joining us
- Career growth, your way
Access top-notch training and career development, with a clear progression path to help you level up at your own pace. - Global impact, local connections
Work on international projects and collaborate with diverse teams, all while making an impact locally. - Innovative work that matters
Tackle cutting-edge projects and utilize the latest tech, with all the tools you need to stay ahead. - Inclusive, flexible culture
Embrace a culture where your voice matters, with flexible hours to balance work and life seamlessly.
How you’ll contribute to our success
- Define and maintain Vulnerability & Patch Management policy, governance and processes (roles, responsibilities, exceptions, zero‑day handling).
- Design and operate vulnerability detection: infrastructure and application scanning, code scanning, and threat intelligence integration.
- Stay up to date with the constantly evolving security landscape
- Set prioritization and risk criteria (CVSS, asset criticality, exposure), manage exceptions and risk acceptance.
- Coordinate remediation and patching with Infra, Network, Workplace, Apps, DevOps; integrate security checks into CI/CD and DevOps workflows.
- Promote automation and AI/LLM‑based tools (e.g., AISLE‑like platforms) for discovery and remediation.
- Define and publish KPIs and dashboards (e.g., time to remediate, patch compliance, open criticals) to IT and management.
- Discuss with top management to define priorities and timeline for security patching, while acting as a central point of contact for all stakeholders (e.g IT and development teams)
Your skills
- Degree in Computer Science / Information Security or equivalent experience.
- 5–8+ years in IT/security with strong experience in vulnerability management and patching; prior lead/manager experience is a plus.
- Solid technical background: OS, networks, middleware, DBs; experience with cloud and containers is an advantage.
- Practical knowledge of vulnerability scanners (e.g., Tenable/Qualys/Rapid7), patch tools (SCCM/Intune/Ansible/etc.), and AppSec tools (SAST, SCA, DAST, IaC).
- Familiarity with AI/LLM‑based AppSec platforms and DevSecOps practices.
- Knowledge of security frameworks (NIST, ISO 27001, CIS Controls) and relevant regulations.
- Strong coordination, communication, and risk analysis skills; fluent in English and French.
Interested? Please submit your resume in English
Get to know more about Deloitte on our LinkedIn page (#DeloitteLU), Instagram page, YouTube page or website.
With more than 2,600 employees and 98 nationalities, Deloitte Luxembourg is one of the Grand Duchy's largest, strongest and oldest professional services firms. For more than 75 years, our talented teams have been serving clients in various industries delivering high added-value offerings to national and international clients in audit and assurance, consulting, financial advisory, risk advisory, tax, and related services. Deloitte Luxembourg is part of the global Deloitte network.
Deloitte provides leading professional services to nearly 90% of the Fortune Global 500® and thousands of private companies. Our people deliver measurable and lasting results that help reinforce public trust in capital markets and enable clients to transform and thrive. Building on its 180+-year history, Deloitte spans more than 150 countries and territories. Learn how Deloitte’s over 470,000 people worldwide work together every day to make an impact that matters at www.deloitte.com.
Ready, steady, interview!
Preparation is key to success! Here, we share a few tips and tricks to help you feel and look your most confident.
First impressions count!
Your recruitment process
We know waiting to hear back can be torture! Take a breath and familiarize yourself with our classic recruitment procedures.
Trust in the process