Operational Vulnerability Management Specialist (Webserver Area) (m/f/d)

ABOUT US

At BASF Digital Hub Madrid we develop innovative digital solutions for BASF, create new exciting customer experiences and business growth, and drive efficiencies in processes, helping to strengthen BASF´s position as the digital leader in the chemical industry. We believe the right path is through creativity, trial and error and great people working and learning together. Become part of our team and develop the future with us - in a global team that embraces diversity and equal opportunities.

WHAT YOU CAN EXPECT

As a member of the cloud native security team your main focus will be the security operations of our Webserver environment (Apache / Tomcat / IIS / etc.)
You will be responsible for developing and implementing processes for the continuous monitoring ad handling of vulnerabilities, with a big focus on automation and use of new capabilities and technologies. You will also be the sparring’s-partner for other departments and BASF Divisions, supporting and consulting our users in security best practices in the specific area of expertise. 
You will also be participating in Cyber security Projects at global scale. 
You will be in constant alignment with the cyber security organization and will support the team manager to guarantee the delivery of the security services for the products in scope of our organization.  

Main activities: 

• Design and implement a comprehensive vulnerability management program for the webserver environment.
• Conduct vulnerability assessments and scans across webserver platforms, ensuring timely detection and prioritization of risks.
• Work closely with the Web Services team to define and execute remediation plans for identified vulnerabilities.
• Develop and maintain workflows, processes, and policies for vulnerability detection, reporting, and mitigation.
• Establish monitoring tools and frameworks to proactively identify risks in real-time.
• Provide guidance on secure webserver configurations, ensuring compliance with relevant security standards and best practices (e.g., CIS benchmarks, OWASP Top 10).
• Prepare reports for senior management on vulnerability metrics, risk assessments, and progress toward remediation goals.
• Stay up to date on emerging vulnerabilities, threats, and trends in webserver security.

WHAT YOU OFFER

• Degree in business computer science, natural sciences or a comparable qualification.
• Several years of relevant professional experience in the field of cyber security operations. 
• You have extensive knowledge of common cyber and security standards (such as ISO 2700x, NIST, CSA, etc.) 
• Hands-on experience with vulnerability scanning tools (e.g., Qualys, Tenable, Rapid7) and strong understanding of webserver technologies (e.g., Apache, Nginx, IIS) and configurations. 
• You are characterized by a professional appearance and a high willingness to learn and perform.
• You also have analytical, problem structuring and solution development skills.
• Your strengths include as well a team and service orientation.
• Ability to work independently, solve complex problems, and build a program from scratch.
• You can demonstrate fluent communication skills in English (spoken and written) 

WHAT WE OFFER

•  A secure work environment because your health, safety and wellbeing is always our top priority.
• Flexible work schedule and Home-office options, so that you can balance your working life and private life.
• Learning and development opportunities
• 23 holiday days per year
• 5 additional days (readjustment)
• 2 cultural days
• A collaborative, trustful and innovative work environment
• Being part of an international team and work in global projects
• Relocation assistance to Madrid provided

At BASF, the chemistry is right 

Because we are counting on innovative solutions, on sustainable actions, and on connected thinking. And on you. Become a part of our formula for success and develop the future with us - in a global team that embraces diversity and equal opportunities irrespective of gender, age, origin, sexual orientation, disability or belief. 

HOW TO REACH US

If you're interested in the position or know someone who might be and need support on how to take next steps, please send an email to maria.alvarez@basf.com

Diversity is our greatest strength!

 Become a part of our winning formula for success and develop the future with us -- in a global team that embraces inclusion and equal opportunities irrespective of gender, age, origin, sexual orientation, disability or belief.