At CANCOM, you can expect an innovative, agile and sustainable environment. More than 4,000 employees work every day to improve collaboration and exchange in various areas of life with the help of modern IT solutions. Do you want to be a part of it and take the next step in your career? Why don't you become part of our Digital Journey. We are looking forward to people from a wide range of disciplines who are open to new things, have innovative ideas and want to advance goals together as a team.

• Performing regular vulnerability scans of the entire IT infrastructure (network, servers, clients, cloud services)
• Analyzing and evaluating the identified vulnerabilities in terms of their potential business risk (severity, exploitability, asset criticality)
• Determining the order of remediation based on risk in order to focus limited resources on critical areas
• Planning, coordinating, testing, and monitoring the deployment of security patches and software updates on all affected systems
• Working closely with IT operations teams (network, system administration, application development) to effectively implement remediation measures
• Tracking patch status, identifying failed patches, and generating detailed reports for management and auditors
• Ensuring compliance with relevant security standards and legal requirements (e.g., BSI IT-Grundschutz, ISO 27001)
• Maintaining detailed records of all patching activities, test results, and issues resolved

• A degree in computer science, IT security, or comparable training with relevant professional experience
• At least 7 years of experience in IT infrastructure in server management (Windows), network protocols, and endpoint protection
• Expertise in using vulnerability scanning tools (e.g., Tenable Nessus, Qualys, Rapid7)
• Experience with patch management systems (e.g., Microsoft SCCM/MECM, WSUS, automation tools, NinjaOne)
• Understanding of common assessment methods such as CVSS (Common Vulnerability Scoring System) and CVEs (Common Vulnerabilities and Exposures)
• Skills in scripting languages (e.g., PowerShell, Python) for process automation are an advantage
• Knowledge of ITIL processes, especially release and change management
• Quick grasp of complex technical relationships and their risk assessment
• Strong communication skills for coordinating with different teams and reporting to management in a clear manner
• Ability to troubleshoot and quickly resolve issues that may arise from updates
• Structured approach to planning and monitoring parallel patching cycles
• The cyber threat landscape is constantly changing, so continuous training is essential.
• Certifications (desirable): Industry-standard certifications such as CompTIA Security+, Certified Ethical Hacker (CEH), GIAC certifications (e.g., GCIH, GCIA), or specific tool certifications underscore expertise

• Flexible working hours and mobile office in coordination with the manager
• State-of-the-art equipment including company phone, which may also be used privately
• Discounts thanks to the "Corporate Benefits" portal
• Bike leasing
• Free beverages & vitamins (fruit)
• Further training opportunities
• Employee events

Oliver Millack

+49 89 540 54-5454