Lunik: From Inventors to ExplorersLunik: From Inventors to Explorers

Senior TVM Analyst

Reporting to the TVM Team Lead as a Senior TVM Analyst, you will work with a high-performance global Cyber team working in the threat and vulnerability management function. Your core responsibilities will be to assess existing and emerging threats using a variety of enterprise and custom tooling, evaluate risk and work with the relevant technology teams to drive timely remediation. You will contribute to technical workstreams across existing and new systems, ensuring that security tooling and controls are integrated in line with our vulnerability management strategy.

This role offers the opportunity to shape and enhance our TVM function through process improvement, tooling development and innovation as we adapt to an ever-evolving tech stack. You will need to be highly motivated, adaptable, and able to operate effectively in a fast-paced, global environment with short deadlines and evolving priorities.

Responsibilities

Key responsibilities include, but are not limited to:

  • Operate and continuously improve vulnerability detection and management tooling across internal infrastructure, web applications, privately managed on-premise cloud environments, and vendor-hosted private cloud platforms
  • Assess and validate vulnerabilities, including technical verification of issues and the effectiveness of remediation efforts.
  • Monitor the threat landscape and maintain awareness of vulnerabilities affecting our technology estate, using threat intelligence to inform detection strategies.
  • Collaborate across technical teams to drive timely remediation, embedding security controls into both existing and emerging systems in line with our vulnerability management strategy.
  • Perform vulnerability assessments and targeted penetration testing of new or high-risk systems, collaborating with engineering teams to identify and address critical exposures early.
  • Contribute to the evolution of the TVM function through process improvements, tooling development, and alignment with organisational risk priorities.

Technical knowledge and experience

The successful candidate must possess a strong understanding of the following;

  • Operational administration of enterprise-grade vulnerability scanning platforms (e.g. Tenable, Qualys), including tuning, scheduling, and asset coverage validation.
  • Familiarity with common defensive and detection tools (e.g. SIEM, IDS/IPS, secure gateways), and experience working with detection engineering teams to translate vulnerability insights into monitoring logic.
  • Solid understanding of operating systems (Windows, Linux), networking technologies, and secure configuration practices.
  • Awareness of threat actor TTPs, common attack surfaces, and how these map to vulnerabilities across cloud and on-premise environments.
  • Working knowledge of enterprise infrastructure and security architectures, with the ability to identify weak design patterns and advise on improvements from a vulnerability exposure standpoint.

Business Skills

  • Strong communication skills with the ability to translate complex technical issues into clear, actionable language for both technical and non-technical audiences.
  • Ability to work and communicate effectively in a global, multi-office, environment and willing to travel to overseas offices, as required.
  • Must demonstrate the ability to maintain strict confidentiality of the company’s internal and personnel affairs
  • Ability to manage multiple concurrent objectives or activities, and effectively make judgments in prioritizing and time allocation in a high- pressure, ever changing, environment
  • Ability to support with technical and procedural transformation and adapt to a rapidly changing environment.
  • Highly self-motivated and directed, and able to harness different skills and experience, and enjoy a strong sense of team spirit.
  • Excellent communication skills in English, written and verbal, to include technical documentation and the ability to work with individuals at all levels of the organisation.
  • Must demonstrate professionalism and maturity when working with internal business functions, peers, senior management, and vendors
  • Detail oriented with strong organisational, documentation and technical writing skills

Education. Certifications

  • Prior experience working in a Threat and Vulnerability Management (TVM) team or in a related vulnerability management role.
  • Relevant cybersecurity certifications or training (e.g. OSCP, GIAC , CPTS etc.).
  • Scripting or automation experience (e.g. Python, Ruby, PowerShell) to support tool integration or data processing tasks.
  • Familiarity with structured risk frameworks and security governance processes.
  • A degree in Computer Science, Cybersecurity, or a related technical discipline — or equivalent professional experience.

Job Category: Security
Job Type: Full Time
Job Location: Málaga

Menu