Security Engineer – Vulnerability Management

What you will do

You operate imec’s continuous vulnerability monitoring capability, using a primary continuous scanning platform complemented by secondary periodic scanners and external attack surface management tooling. Your focus is not just on finding vulnerabilities, but on understanding which ones truly matter, why they matter, and how risk can be reduced effectively in a complex R&D context.

You work closely with platform owners, DevOps teams, cloud and infrastructure engineers, and the security operations team to ensure vulnerabilities are addressed in a risk‑based, pragmatic, and transparent way.

Your responsibilities

1. Continuous vulnerability monitoring & analysis

• Operate and improve imec’s continuous vulnerability monitoring program. 
• Use EASM tooling to identify externally exposed assets, misconfigurations, shadow IT, …
• Analyse and validate scan results, distinguishing real world risk from theoretical findings. 
• Assess exploitability, exposure, and potential business or research impact. 
• Separate noise from risk and clearly flag vulnerabilities requiring immediate attention.
• Support internal and external audits, including preparations, evidence collection, and follow up of findings.
• Monitor adherence to security policies and standards across imec.

2. Risk-based prioritization & coordination

• Prioritize vulnerabilities using contextual factors such as threat intelligence, exposure, asset criticality, and research impact — not CVSS alone. 
• Collaborate with system owners, DevOps teams, and infrastructure and cloud engineers to agree on remediation timelines or compensating controls. 
• Clearly explain risks, root causes, and remediation options to both technical and non technical stakeholders. 
• Own the follow up on vulnerabilities until risk is reduced, mitigated, or formally accepted (you are not responsible for patching systems yourself).

3. Engineering and innovation

Beyond day-to-day operations, you contribute to expanding and improving imec’s vulnerability management capability by: 

• Expanding scanning coverage across platforms, environments, or asset types. 
• Integrating vulnerability data into dashboards, asset inventories, or security pipelines. 
• Improving automation, alerting, enrichment, and reporting workflows. 
• Helping evolve vulnerability management from a tool driven process into a scalable security capability.

4. Reporting, metrics & continuous improvement

• Maintain dashboards and KPIs that show remediation progress, risk reduction over time, and emerging vulnerability trends.
• Identify recurring weaknesses, misconfigurations, or lifecycle gaps and propose structural improvements. 
• Provide data driven input into patch management, hardening initiatives, and architectural decisions. 
• Support management and security leadership with clear, decision oriented insights.

5. Support during security incidents

• Support SOC and incident response teams by explaining the relevance of vulnerabilities during incidents. 
• Help determine whether exploitation is likely, possible, or ongoing, and which vulnerabilities matter most in an incident context.

6. Leveraging AI for efficiency

• Use AI enabled analysis to accelerate triage, correlate vulnerabilities with threat intelligence, and identify patterns at scale
• Explore AI based enrichment and prioritization suggestions to reduce manual work
• Contribute to AI assisted workflows that support analyst judgement and improve timely detection with human decision making remaining central.
  
  

What we do for you

We offer you the opportunity to join one of the world’s premier research centers in nanotechnology at its headquarters in Leuven, Belgium. With your talent, passion and expertise, you’ll become part of a team that makes the impossible possible. Together, we shape the technology that will determine the society of tomorrow.

We are committed to being an inclusive employer and proud of our open, multicultural, and informal working environment with ample possibilities to take initiative and show responsibility. We commit to supporting and guiding you in this process; not only with words but also with tangible actions. Through imec.academy, 'our corporate university', we actively invest in your development to further your technical and personal growth. 

We are aware that your valuable contribution makes imec a top player in its field. Your energy and commitment are therefore appreciated by means of a market appropriate salary with many fringe benefits. 

Who you are

Experience & knowledge

• Bachelor’s or Master’s degree in Computer Science, IT, Engineering, Cybersecurity, or degree in another area combined with equivalent practical experience.
• Foundational understanding of vulnerabilities, operating systems, cloud services, and security principles.
• Understanding of exploitability, attack paths, or threat actor behavior
• Experience with vulnerability scanning / management platforms or strong motivation/ability to learn
• Scripting or automation experience (e.g. powershell, python)
• Analytical skills to interpret scan results and assess real versus theoretical risk.
• Innovative mindset, ability to learn how AI technologies can improve the vulnerability management capability and implement these solutions.
• Clear communication skills in English, enabling collaboration in a multicultural environment.

Skills & mindset

• You are analytical, curious, and motivated to reduce security risk before attackers can exploit it.
• You enjoy working at the intersection of technology, risk, and collaboration.
• You are comfortable operating in complex environments where not everything can be patched immediately, and risk trade‑offs matter.

Following assets are considered a plus:

• Proven experience with vulnerability scanning / management platforms
• Familiarity with security operations processes

IMEC and its affiliates will not accept unsolicited resumes from any source other than directly from a candidate. IMEC will consider unsolicited referrals and/or resumes submitted by vendors such as search firms, staffing agencies, professional recruiters, fee-based referral services and recruiting agencies (hereafter “Agency”) to have been referred by the Agency free of charge. IMEC will not pay a fee to any Agency that does not have a prior written agreement with IMEC, validated by its HR department, in place regarding a specific job opening and allowing to submit resumes.