HiringCafe
Posted 3w ago

Vulnerability Management Analyst

@ Tokio Marine HCC
View All Jobs
Barcelona, Catalonia, Spain
OnsiteFull Time
Responsibilities:assist scanning, analyze results, collaborate teams
Requirements Summary:0–2 years in cybersecurity or IT operations; basic vulnerability scanning knowledge; OS, networking and patch management concepts; interest in security frameworks; strong analytical and communication skills.
Technical Tools Mentioned:Vulnerability Scanning Tools, PowerShell, Power BI
Save
Mark Applied
Hide Job
Report & Hide
Job Description

Job Title: Vulnerability Analyst

Reporting to: Threat & Vulnerability Lead

Direct Reports: N/A

Position Type: Full Time

Overview:

The Vulnerability Analyst will support the identification, analysis, and remediation of security vulnerabilities across cloud and on-premises environments. This role is suited to a graduate or early-career professional seeking hands-on experience in vulnerability management, risk assessment, and security operations while working closely with experienced security and technology teams.

Why Tokio Marine HCC?

Standing still is not an option in the current world of Insurance. TMHCC is one of the world’s leading Specialty Insurers. With deep expertise in our chosen lines of business, our unparalleled track record and a solid balance sheet, TMHCC evaluates and manages risk like no one else in the industry. Looking beyond profit, empowering our people and delivering on our commitments are at the core of our customer values, along with a desire to grow and provide creative and innovative solutions to our clients.

This role sits within: IT

We are the foundation for TMHCC’s success - enabling the business to grow, compete, and innovate through technology, security, and solution design. From shaping strategy to delivering resilient operations, we ensure every capability is aligned to business value. Our inclusive and collaborative culture empowers everyone to explore ideas, solve meaningful challenges, and build fulfilling careers that make a real impact.

Job Purpose:

Identify, analyse, and prioritise security vulnerabilities across cloud and on-premises environments, working with technical teams to drive timely, effective remediation.

Key Responsibilities:

· Assist in the execution of the vulnerability management lifecycle across both On-Prem Infrastructure and cloud environments, including scanning, assessment, reporting, and remediation tracking.

· Support the analysis and validation of scan results, helping to identify false positives and categorise vulnerabilities by severity.

· Collaborate with IT and development teams to track remediation activities and verify fixes.

· Monitor dashboards for asset discrepancies and work with system/application owners to ensure the CMDB is accurate & up to date.

· Contribute to dashboards and reports that highlight vulnerability trends, remediation progress, and key metrics.

· Research emerging vulnerabilities, CVEs, and vendor advisories to support proactive risk awareness.

· Continuously learn and contribute to process improvements within the vulnerability management function.

Performance Objectives:

· Develop a strong understanding of the organisation’s cloud and on-prem environments, vulnerability tooling, and risk frameworks, and independently validate and triage vulnerability findings.

· Begin managing assigned vulnerabilities end-to-end, ensuring accurate risk prioritisation and adherence to defined remediation SLAs.

Skills and Experience Specification:

Essential:

· 0–2 years of experience in cybersecurity, IT operations, or a related technical role (internship or graduate experience acceptable).

· Basic understanding of vulnerability scanning concepts and tools

· Understanding of operating systems, networking, and patch management concepts, with awareness of how these apply in both traditional infrastructure and cloud environments.

· Interest in learning about security frameworks and standards (e.g., NIST, ISO 27001, CIS Controls).

· Strong analytical and problem-solving skills, with attention to detail.

· Effective communication skills and a willingness to collaborate across technical teams.

· A proactive mindset and enthusiasm for developing a career in cybersecurity.

Desirable:

· Exposure to scripting languages (e.g., PowerShell) for data handling or automation

· Experience with Power BI for creating dashboards and visualising data

What We Offer

The Tokio Marine HCC Group of Companies offers a competitive salary and employee benefit package. We are a successful, dynamic organization experiencing rapid growth and are seeking energetic and confident individuals to join our team of professionals.

The Tokio Marine HCC Group of companies is an equal opportunity employer. Please visit www.tmhcc.com for more information about our companies.

#LI-HF1