imec logo
Contact
CMOS: advanced and beyond
Discover why imec is the premier R&D center for advanced logic & memory devices.
Integrated photonics
Take a look at technologies for optical transceivers, sensors and more.
Health technologies
See how imec brings the power of chip technology to the world of healthcare.
Sensing and actuation
Explore imec’s CMOS- and photonics-based sensing and actuation systems.
Connectivity technology
Look into our reliable, high-performance, low-power network technologies.
More expertises
Discover all our expertises.
Research
Be the first to reap the benefits of imec’s research by joining one of our programs or starting an exclusive bilateral collaboration.
Manufacturing
Go from idea to scalable and reliable semiconductor manufacturing with IC-Link.
Venturing and startups
Kick-start your business. Launch or expand your tech company by drawing on the funds and knowhow of imec’s ecosystem of tailored venturing support.
Education and workforce development
Imec supports formal and on-the-job training for a range of careers in semiconductors.
NanoIC pilot line
Aligned with the EU Chips Act, access to the pilot line will accelerate beyond-2nm innovation.
Semiconductor technology
Life sciences and health solutions
Data and telecommunication
Automotive technologies
Robotics technology for Industry 4.0
More applications
/Security Engineer - Vulnerability Management

Security Engineer - Vulnerability Management

Engineering - Leuven | Just now

To further strengthen our Security Operations team, imec is looking for a security engineer with a focus on vulnerability management who will help protecting imec’s research and development (R&D) environment by continuously identifying, analysing, and reducing security vulnerabilities across our IT and OT landscape.
Apply

Security Engineer – Vulnerability Management

What you will do

You operate imec’s continuous vulnerability monitoring capability, using a primary continuous scanning platform complemented by secondary periodic scanners and external attack surface management tooling. Your focus is not just on finding vulnerabilities, but on understanding which ones truly matter, why they matter, and how risk can be reduced effectively in a complex R&D context.

You work closely with platform owners, DevOps teams, cloud and infrastructure engineers, and the security operations team to ensure vulnerabilities are addressed in a risk‑based, pragmatic, and transparent way.

Your responsibilities

1. Continuous vulnerability monitoring & analysis

  • Operate and improve imec’s continuous vulnerability monitoring program. 
  • Use EASM tooling to identify externally exposed assets, misconfigurations, shadow IT, …
  • Analyse and validate scan results, distinguishing real world risk from theoretical findings. 
  • Assess exploitability, exposure, and potential business or research impact. 
  • Separate noise from risk and clearly flag vulnerabilities requiring immediate attention.
  • Support internal and external audits, including preparations, evidence collection, and follow up of findings.
  • Monitor adherence to security policies and standards across imec.

2. Risk-based prioritization & coordination

  • Prioritize vulnerabilities using contextual factors such as threat intelligence, exposure, asset criticality, and research impact — not CVSS alone. 
  • Collaborate with system owners, DevOps teams, and infrastructure and cloud engineers to agree on remediation timelines or compensating controls. 
  • Clearly explain risks, root causes, and remediation options to both technical and non technical stakeholders. 
  • Own the follow up on vulnerabilities until risk is reduced, mitigated, or formally accepted (you are not responsible for patching systems yourself).

3. Engineering and innovation

Beyond day-to-day operations, you contribute to expanding and improving imec’s vulnerability management capability by: 

  • Expanding scanning coverage across platforms, environments, or asset types. 
  • Integrating vulnerability data into dashboards, asset inventories, or security pipelines. 
  • Improving automation, alerting, enrichment, and reporting workflows. 
  • Helping evolve vulnerability management from a tool driven process into a scalable security capability.

4. Reporting, metrics & continuous improvement

  • Maintain dashboards and KPIs that show remediation progress, risk reduction over time, and emerging vulnerability trends.
  • Identify recurring weaknesses, misconfigurations, or lifecycle gaps and propose structural improvements. 
  • Provide data driven input into patch management, hardening initiatives, and architectural decisions. 
  • Support management and security leadership with clear, decision oriented insights.

5. Support during security incidents

  • Support SOC and incident response teams by explaining the relevance of vulnerabilities during incidents. 
  • Help determine whether exploitation is likely, possible, or ongoing, and which vulnerabilities matter most in an incident context.

6. Leveraging AI for efficiency

  • Use AI enabled analysis to accelerate triage, correlate vulnerabilities with threat intelligence, and identify patterns at scale
  • Explore AI based enrichment and prioritization suggestions to reduce manual work
  • Contribute to AI assisted workflows that support analyst judgement and improve timely detection with human decision making remaining central.

What we do for you

We offer you the opportunity to join one of the world’s premier research centers in nanotechnology at its headquarters in Leuven, Belgium. With your talent, passion and expertise, you’ll become part of a team that makes the impossible possible. Together, we shape the technology that will determine the society of tomorrow.

We are committed to being an inclusive employer and proud of our open, multicultural, and informal working environment with ample possibilities to take initiative and show responsibility. We commit to supporting and guiding you in this process; not only with words but also with tangible actions. Through imec.academy, 'our corporate university', we actively invest in your development to further your technical and personal growth. 

We are aware that your valuable contribution makes imec a top player in its field. Your energy and commitment are therefore appreciated by means of a market appropriate salary with many fringe benefits. 

Who you are

Experience & knowledge

  • Bachelor’s or Master’s degree in Computer Science, IT, Engineering, Cybersecurity, or degree in another area combined with equivalent practical experience.
  • Foundational understanding of vulnerabilities, operating systems, cloud services, and security principles.
  • Understanding of exploitability, attack paths, or threat actor behavior
  • Experience with vulnerability scanning / management platforms or strong motivation/ability to learn
  • Scripting or automation experience (e.g. powershell, python)
  • Analytical skills to interpret scan results and assess real versus theoretical risk.
  • Innovative mindset, ability to learn how AI technologies can improve the vulnerability management capability and implement these solutions.
  • Clear communication skills in English, enabling collaboration in a multicultural environment.

Skills & mindset

  • You are analytical, curious, and motivated to reduce security risk before attackers can exploit it.
  • You enjoy working at the intersection of technology, risk, and collaboration.
  • You are comfortable operating in complex environments where not everything can be patched immediately, and risk trade‑offs matter.

Following assets are considered a plus:

  • Proven experience with vulnerability scanning / management platforms
  • Familiarity with security operations processes

 

IMEC and its affiliates will not accept unsolicited resumes from any source other than directly from a candidate. IMEC will consider unsolicited referrals and/or resumes submitted by vendors such as search firms, staffing agencies, professional recruiters, fee-based referral services and recruiting agencies (hereafter “Agency”) to have been referred by the Agency free of charge. IMEC will not pay a fee to any Agency that does not have a prior written agreement with IMEC, validated by its HR department, in place regarding a specific job opening and allowing to submit resumes.

Apply
Who we are
Accept analytics-cookies to view this content.
imec's cleanroom
Accept analytics-cookies to view this content.

Explore our other vacancies

Device and Technology Optimization Researcher

As a design-technology co-optimization (DTCO) researcher, you will explore and define the technology for advanced devices at the cell level through process- and layout-aware modeling and benchmarking.

High-speed optical transceiver test engineer (Japan)

Test and characterize high-speed optical transceivers, consisting of cutting edge Silicon Photonics integrated circuits and scaled-CMOS electronics.

Security Engineer – Detection & SOAR

As a a security engineer with a focus on detection engineering and SOAR who will help strengthen imec’s security posture by designing high fidelity detections, building automation that accelerates incident response, and supporting complex security

Logistiek Assistent (cleanroom)

Voor de logistieke ondersteuning bij de installaties van nieuwe machines in de Imec cleanroom bieden wij een dag-functie zonder shiften aan.

Management Assistant

Join Imec’s Business Development team and play a key role in ensuring seamless operations with your administrative and organizational expertise!

Shift Technieker (volcontinu)

Als shift technieker in het volcontinu systeem maak je deel uit van ons maintenance team. Je houdt van een afwisselende job en je bent geïnteresseerd in verschillende technische disciplines.
Job opportunities

Send this job to your email