Senior Vulnerability Analyst and Penetration Tester (f/m/d)


The Generali Operations Service Platform (GOSP) supports the Generali Group in optimizing its digital services, its service quality and the creation of synergies. GOSP uses common technology platforms for the Group. As a joint venture partner, Accenture provides expertise to support transformation, innovation and scaling. GOSP develops solutions for digitalization and the introduction of a cloud-centric model. GOSP includes IT infrastructure, procurement, and security operations, among others.

That is the job

We are "Generali Operations Service Platform" (in short GOSP). In our core we are the global internal IT infrastructure provider for the Generali group with branches in six countries working closely together in international teams composed of colleagues from Italy, Germany, France, Austria, Czech Republic and Hungary. We are also providing global procurement services and IT-application services all over Europe. To strengthen the Vulnerability Management & Prevention unit, we are looking for you as Senior Vulnerability Analyst and Penetration Tester (m/f/d)

The reports directly to the Head of Cyber Security of GOSP and is responsible to implement the governance framework and related IT solutions required to effectively execute Vulnerability Management practice for GOSP and its Customers inside the Generali Group.

The activities encompass:

  • execution of periodical vulnerability assessment on both internal and external perimeter, leveraging enterprise solutions
  • execution of web application and penetration tests


Your Tasks

  • Manage and assist the Cyber Security activities in GOSP
  • Establish process and procedure regarding the Secure Software Development Life Cycle
  • Perform and analyse source code (SAST, DAST, IAST)
  • Perform Red Teaming activities in cooperation with GOSP CSIRT based on an agreed cyber threat scenario to validate the detection and prevention capabilities in place; identification of the main weaknesses and vulnerabilities and definition of the remediation actions required
  • Execution of WAPT / PT activities on GOSP infrastructure and/or applications to verify the level of hardening and configuration in place, definition of the mitigation actions for the identified weaknesses
  • Periodical execution of Vulnerability Assessments both on the internal and external perimeter to identify vulnerabilities affecting GOSP infrastructure
  • Tracking and monitoring of the identified vulnerabilities leveraging the Vulnerability Management tool of GOSP
  • Analysis of newly discovered vulnerabilities / 0days collected both from OSINT and CLOSINT sources, assessing the potential impact on GOSP infrastructure


  • Degree in Computer Science, IT Security, or equivalent work experience in Information Security
  • 5+ years of experience in vulnerability assessment / penetration tests activities
  • Knowledge of the main market tools and processes to perform vulnerability assessments (e.g: Qualys, Nessus, Nmap, etc.)
  • Knowledge on the main penetration testing tools available on the market (e.g: OWASP ZAP, Burp Suite, Metasploit, Wireshark, John The Ripper, sqlmap, etc.)
  • Good knowledge of IT networks and protocols, Operating systems, web and application server architectures
  • Good knowledge of Cyber security strategy adoption and regulation
  • Good knowledge of one or more programming languages (e.g: python, PowerShell, C/C++, etc.) 
  • Intermediate English (at least CEFR B2, written/spoken)
  • Ability to work in team and to maintain deadlines on assigned tasks
  • Positive attitude and open to learn on the job
  • Passionate about offensive and defensive security
  • Proactive in identifying obstacles and problems that might impact your daily activities.
  • Very good problem-solving capabilities

You will work in a highly-motivated and international team consisting of colleagues all over Europe mainly located in Italy. You will be in contact with your team members and top management of insurance companies mainly in Europe/ Germany.

We offer home office up to 100%, flexible working hours. As part of the Generali insurance group, we offer extensive social benefits, a company pension scheme and in-house rates.



Die Arbeitswelt wird immer komplexer und die Anforderungen an unsere Kolleginnen und Kollegen steigen. Somit gewinnt das Work-Life-Management zunehmend an Bedeutung. Wir unterstützen mit modernen Arbeitsmodellen dabei, das Berufs- und Privatleben miteinander zu vereinbaren.


Mit vielfältige Angeboten unterstützen wir die Aus- und Weiterbildung unserer Mitarbeitenden, als App auch mobil. Unsere Talentprogramme fördern die berufliche Weiterentwicklung unserer Kolleginnen und Kollegen und bietet für jede Zielgruppe maßgeschneiderte Möglichkeiten.


  Gesundheit und Fitness

Die Gesundheit unserer Kolleginnen und Kollegen liegt uns am Herzen - we care. Daher unterstützen wir diese mit vielen verschiedenen Vorsorge-, Sport-, Versicherungs- und Therapieangeboten


We are Generali. In diesem Sinne fördern wir die Möglichkeit zum Netzwerken mit Kolleginnen und Kollegen auch über direkte Arbeitsbereiche hinaus.



Ziel unserer Personalstrategie ist es, eine leistungsgerechte und faire Vergütung sicherzustellen. Erfolgsabhängige Bonuszahlung, betriebliche Altersvorsorge und diverse Vergünstigungen stellen attraktive Zusatzleistungen dar.


Egal ob mit Mitarbeiterkonditionen für Versicherungs- und Finanzprodukte oder Corporate Benefits – unsere Kolleginnen und Kollegen profitieren von einer Vielzahl an Rabattmöglichkeiten und Zuschüssen.


Persönlicher Kontakt


We look forward to receiving your application in English language.

We are happy to get in touch with you.

After a first get to know with us you will have the opportunity to meet our managers up to CEO level.

Get in touch with our Career-Team per phone:

+49 (0)221/1636 56650


Über Generali

Über uns

Wir stellen unser Unternehmen vor.

mehr erfahren


Unser Beitrag für die Zukunft.

mehr erfahren


Unsere Kultur treibt unsere Strategie.

mehr erfahren