Senior Vulnerability Engineer

Founded and headquartered in Switzerland, Avaloq is continuously expanding its global footprint with around 2,500 colleagues in 12 countries, and more than 170 clients in 35 countries. We are an industry-leading provider of wealth management technology and services for financial institutions around the world, including private banks and wealth managers, investment managers, as well as retail and neo banks. Our research led approach and continual innovation is powered by the passion and creativity of our colleagues.

We are always looking for talented people to join us on our mission to orchestrate the financial ecosystem and democratize access to wealth management. Avaloq offers the opportunity to work closely with some of the world's leading financial institutions as we jointly develop and shape careers. Championing a collaborative, supportive and flexible work environment empowers our colleagues to reach their full potential.

We are seeking a Senior Vulnerability Management Engineer to lead and enhance our vulnerability detection and remediation capabilities across on-prem and cloud environments. This role is highly technical and sits at the core of our cyber defense function, ensuring full alignment with FINMA, DORA and MAS requirements in this key area of cyber risk. 

You will serve as our technical authority for Tenable instances, on prem and cloud, and drive engineering improvements, integration with ITSM system, and regulatory-grade reporting. 

Your Key Tasks 

• Lead engineering, architecture, and advanced configuration of  / / Nessus across hybrid infrastructures. 
• Oversee authenticated scanning across servers, cloud workloads, network appliances, databases, and container platforms. 
• Integrate Tenable with enterprise systems (CMDB, SIEM, ITSM) using APIs and scripting (Python/PowerShell). 
• Engineer cloud vulnerability coverage via connectors, agents, and container registry scans. 
• Enhance detection accuracy through custom plugins, scan policy tuning, and automation pipelines. 
• Provide technical leadership and guidance to remediation teams, ensuring adherence to CIS/NIST/SWIFT/ISO standards. 
• Produce regulator-ready metrics, dashboards, and audit evidence for FINMA and MAS reviews. 
• Contribute to security architecture, hardening initiatives, and continuous improvement of the vulnerability management program. 

• Extensive hands-on experience with Tenable , , Nessus Manager). 
• Deep technical expertise in vulnerability detection, authenticated scan engineering, and hybrid infrastructure scanning. 
• Strong knowledge of networks, Windows/Linux, VMware, cloud platforms (AWS and OCI), and container ecosystems. 
• Scripting and automation skills (Python, PowerShell, REST APIs). 
• Solid understanding of security frameworks: CIS Benchmarks, ISO 27001, SWIFT CSCF, CSA CCM. 
• Experience in FINMA, MAS and DORA regulated financial environments (banks, insurers, securities firms). 
• Ability to communicate technical risk clearly to both engineers and senior management. 
• Certifications: OCI Security Professional, Tenable Certified Engineer, CISSP 
• Exposure to Kubernetes, Terraform/Ansible, CI/CD pipelines, and automated hardening tools. 
• Experience leading vulnerability engineering. 

We realize that managing work life balance is a challenge we all face in our daily lives and in order to support with this we are pleased to offer hybrid and flexible working for most of our Avaloqers to maintain work life balance and still continue our fantastic Avaloq culture in our global offices. 

In Avaloq we are proud to embrace diversity and understand the success of our business is built on the power of different opinions, we are whole heartedly committed to fostering an equal opportunity environment and inclusive culture where you can be your true authentic self. 

We hire, compensate and promote regardless of origin, age, gender identity, sexual orientation or any other fantastic traits that make us all unique, we have done our best to write this advert in an inclusive and neutral way. 

Please be aware that we will not accept speculative CV submissions for any of our roles from recruitment agencies, and any unsolicited candidate submissions will be exempt from any payment expectations.  

#LI-Hybrid