Nebius
Nebius2h ago
New

Vulnerability Operation Center Lead

Remote - EuropeRemotelead
OtherCenter
0 views0 saves0 applied

Quick Summary

Overview

About Nebius: Nebius is leading a new era in cloud infrastructure for the global AI economy.

Technical Tools
OtherCenter

Nebius is leading a new era in cloud infrastructure for the global AI economy. We are building a full-stack AI cloud platform that supports developers and enterprises from data and model training through to production deployment, without the cost and complexity of building large in-house AI/ML infrastructure.

Built by engineers, for engineers. From large-scale GPU orchestration to inference optimization, we own the hard problems across compute, storage, networking and applied AI.

Listed on Nasdaq (NBIS) and headquartered in Amsterdam, we have a global footprint with R&D hubs across Europe, the UK, North America and Israel. Our team of 1,500+ includes hundreds of engineers with deep expertise across hardware, software and AI R&D.

The team maintains the full vulnerability management lifecycle - from detection and triage through remediation tracking and reporting - across Nebius's cloud infrastructure, product, and hardware stack. The team's focus is on improving vulnerability triaging capabilities and vulnerability data quality, driving effective remediation, and serving as the first line of response for the most critical zero-day vulnerabilities.

We're building a Vulnerability Operations Center from the ground up and need a senior practitioner to lead it. You'll own the full vulnerability management lifecycle - from detection through triage to remediation tracking and reporting - across Nebius' cloud infrastructure, product and hardware stack. This is a high-impact role with big ownership: you'll define processes, select tooling, work directly with engineering teams, and set the standard for how Nebius responds to vulnerabilities.

Responsibilities

~2 min read
  • Improve and maintain automated vulnerability triaging capabilities and vulnerability data quality through data enrichment (internal and external intelligence feeds), quality metrics, AI-assisted triage, context-aware risk scoring, and vulnerability correlation/chaining.
  • Hands-on validation and triaging of most critical/zero-days vulnerabilities
  • Work closely with vulnerability data consumers and stakeholders across the organization to meet engineering, compliance, and regulatory requirements by delivering high-quality, actionable findings and driving effective remediation.
  • Contribute to the development of internal platforms, including the Unified Vulnerability Management (UVM) system and the security orchestration platform, to automate core vulnerability management workflows and reduce manual effort.
  • Identify current deficiencies in patch management, drive and oversee improvements across engineering teams and business units to improve remediation efficiency and reduce organizational risk
  • Own vulnerability intake from all sources - scanners, bug bounty, threat intel feeds, and penetration tests
  • Prioritize findings using risk-based frameworks (CVSS, EPSS, SSVC, asset criticality, exploitability context, business impact) and reduce false positive noise
  • Drive remediation accountability across infrastructure, platform, and product engineering teams
  • Identify, track and report vulnerability management metrics, present KPIs and trends to security leadership
  • Coordinate response to critical/zero-day vulnerabilities, acting as the primary point of contact across security, engineering, and operations
  • Define and maintain integration between VOC tooling and the broader security ecosystem.
  • 5–8 years in information security with at least 3 years focused on vulnerability management or security operations
  • Deep familiarity with vulnerability scanning tools and their strengths/limitations in cloud-native environments
  • Strong grasp of CVE/NVD, CVSS scoring, EPSS, SSVC and how to apply them to real-world prioritization
  • Experience managing vulnerabilities across IaaS/cloud infrastructure (AWS, GCP, Azure, or private cloud) - experience with GPU/HPC environments is a plus
  • Deep understanding of vulnerability sources limitations and corner cases for different vulnerability classes
  • Able to write and review code (ability or willingness to develop in Golang) - well enough to assess exploitability, validate fixes, and build lightweight automation (e.g., variant-detection scripts, triage tooling, data pipelines for trend analysis)
  • Strong grasp of common vulnerability classes at the code and infrastructure level.
  • Comfortable feeding well-documented vulnerability patterns into AI-assisted code review workflows and critically evaluating the output
  • Track record of working cross-functionally with engineering teams and holding stakeholders accountable to timelines without being a bottleneck
  • Strong written and verbal communication - able to translate technical risk into business impact for non-security audiences

Nice to Have

~1 min read
  • Experience building vulnerability management program from scratch
  • Familiarity with container and Kubernetes security
  • Experience with supply chain security (SBOMs, dependency scanning)
  • Bug bounty triage experience
  • Public talks or research articles
  • Build a Platform Security Vulnerability program from scratch and get to build and lead your own team while doing it
  • The potential to evolve an in-house AI-powered vulnerability management platform into a cloud security offering for Nebius customers
  • Work alongside world-class engineers on infrastructure that powers frontier AI.
  • Competitive compensation with equity upside in a Nasdaq-listed, high-growth company.
  • Flexible, remote-first culture

#LI-CP1

What We Offer

~1 min read
Competitive compensation
Career growth and learning opportunities
Flexibility and ownership
Collaborative and innovative culture
Opportunity to work on impactful AI projects
International environment and talented teams

Fast moving - Bold thinking - Constant growth - Meaningful impact - Trust and real ownership - Opportunity to shape the future of AI 

Nebius is an equal opportunity employer. We are committed to fostering an inclusive and diverse workplace and to providing equal employment opportunities in all aspects of employment. We do not discriminate on the basis of race, color, religion, sex (including pregnancy), national origin, ancestry, age, disability, genetic information, marital status, veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by applicable law.

Applicants must be authorized to work in the country in which they apply and will be required to provide proof of employment eligibility as a condition of hire. 

If you need accommodations during the application process, please let us know.

Location & Eligibility

Where is the job
Europe
Remote within a specific region
Who can apply
Europe

Listing Details

Posted
July 15, 2026
First seen
July 15, 2026
Last seen
July 15, 2026

Posting Health

Days active
0
Repost count
0
Trust Level
75%
Scored at
July 15, 2026

Signal breakdown

freshnesssource trustcontent trustemployer trust
Nebius
Nebius
greenhouse

Nebius is a cutting-edge AI cloud platform that offers scalable infrastructure for developing and deploying AI solutions.

Employees
350
Founded
2022
View company profile
Newsletter

Stay ahead of the market

Get the latest job openings, salary trends, and hiring insights delivered to your inbox every week.

A
B
C
D
Join 12,000+ marketers

No spam. Unsubscribe at any time.

NebiusVulnerability Operation Center Lead