Security Engineer (Vulnerability Scanning & Patch Management)

We are seeking a proactive and detail-oriented Security Engineer – Vulnerability Scanning & Patch Management to lead the identification, assessment, and remediation of security vulnerabilities across our environments within KMG Rompetrol in Bucharest.

Rompetrol, part of KMG International, is the place where thousands of minds and over 200 specializations spread throughout 11 countries are connecting to each other to create the energy we all need to get further. We believe that through trial and perseverance, true ambition is inspired, and success achieved. With this reasoning, we intend to welcome you to our Rompetrol family and help you reach your full potential.

So, are you ready to fuel your career, in a diverse and fulfilling environment?

Your new role:  You will serve as the primary point of contact for vulnerability management, collaborating with IT and business stakeholders to ensure timely patching and risk reduction. You will oversee the implementation, tuning,and continuous improvement of vulnerability scanning tools and patch management
processes, ensuring they are efectively configured, monitored, and aligned with industry.

Activities going to help you shine:

• Lead the deployment, configuration, and ongoing management of vulnerability scanning solutions to identify security gaps across endpoints, servers, networks,and cloud assets.
• Perform regular vulnerability assessments, analyze scan results, and prioritize findings based on risk and business impact.
• Coordinate and track patch management activities, ensuring timely remediation of identified vulnerabilities in collaboration with IT, application owners, and other stakeholders.
• Develop and maintain patching schedules, procedures, and documentation to support compliance and audit requirements.
• Monitor the efectiveness of vulnerability management and patching processes,recommending improvements and automation where possible.
• Conduct root cause analysis of recurring or critical vulnerabilities, documenting findings and driving remediation actions.
• Stay current on emerging vulnerabilities, exploits, and relevant security advisories to enhance scanning logic and patching strategies.
• Generate periodic vulnerability and patch management metrics and reports for leadership, highlighting trends, gaps, and actionable recommendations.
• Collaborate with internal teams during vulnerability remediation e􀆯orts, ensuring minimal disruption to business operations.
• Organize and lead post-remediation reviews to support continuous improvement and risk reduction initiatives.

The fuel needed to go further with us:

• Bachelor’s degree in Cybersecurity, Information Technology, or related field (or equivalent practical experience).
• 3–5+ years in vulnerability management, patch management, or security operations,with demonstrable hands-on experience.
• Strong understanding and practical experience with vulnerability scanning tools (e.g., Qualys, Rapid7, Tenable) and patch management platforms.
• Proficiency in risk assessment, remediation prioritization, and vulnerability lifecycle management.
• Experience with security frameworks and compliance standards (e.g., CIS, NIST, ISO27001).
• Excellent problem-solving and analytical skills, with a high level of attention to detail.
• Relevant certifications (e.g., CompTIA Security+, CISSP, GIAC GCIH, GPEN, GCWN) are a plus.

You will be supplied with:
 
•    Meal tickets 
•    Vacation bonus
•    The number of your vacation days increase according to your seniority so that you'll enjoy more free time.
•    Access to private medical system (medical package) and special subscription rates for family members
•    On site medical assistance
•    Life and medical insurance
•    Free days and financial support for personal events (marriage, childbirth, loss of a close relative) 
•    Study leave
•    Christmas/1st of June celebration with a special gift for children 
•    Partners’ discounts
•    Access to training programs
•    Supportive and professional teams and environment
•    Bookster (borrow books for free, delivered in the office)
•    Fuel discount in our gas stations with RompetrolGo+ card 
•    Short working schedule on Friday
•    Flexible working program
•    Hybrid schedule: 4 days at the office, 1 day remote

 
What you need to do now:
If you are interested in this role, go to "apply now" to send an updated copy of your resume.

Fuel your career and start a new journey with us!
#GetFurtherWithUs