Devoteam Cyber Trust is the Cybersecurity specialist arm of the Devoteam Group. With our 800+ experts located across EMEA, we aim to establish cybersecurity as an enabler of business success rather than a gatekeeper. We leverage an end-to-end approach to Cyber Resilience, Applied Security, and Managed Security services to secure the tech journey of large and medium-sized companies from all sectors and industries.

Since 2009, previously known as INTEGRITY, our team based in Portugal is specialised in providing cutting-edge Managed Security Services that combine its expertise and proprietary technology to consistently and effectively reduce the cyber risk of our clients.

The comprehensive service range includes Persistent Intrusion Testing, ISO 27001, PCI-DSS, GRC Consulting and Solutions, and Third-Party Risk Management. ISO 27001 (Information Security) and ISO 9001 (Quality) certified, PCI-QSA, and member of CREST and CIS - Centre for Internet Security, we provide services to a considerable number of clients, operating in more than 20 countries.

Mission

End-to-end ownership of the vulnerability management platform, embedded within the Offensive Security team, specifically in the Offensive Engineering and Innovation domain. Responsible for ensuring the platform effectively supports pentesting services, both from the client perspective and internal teams, from requirements definition through delivery and continuous evolution.

Responsibilities

• Define and maintain the platform roadmap, aligned with business needs
• Translate operational requirements (internal users, clients, management) into clear and actionable specifications
• Lead the Product Engineering team
• Validate functionality, quality, and consistency of deliverables
• Define and oversee integrations with external tools
• Ensure the platform evolves sustainably, without accumulating technical debt
• Establish best practices for development, testing, and validation
• Leverage LLM tools to accelerate development while maintaining quality control
• Scope
• Product
• Engineering
• Operations

This role is not purely technical nor purely managerial. It is accountable for ensuring the platform works effectively in real-world usage for its daily users.

Technical Skills

Required:

• Strong experience in web development (backend and frontend)
• Experience with API-based architectures
• Experience with modern stacks (e.g., PHP Symfony, React, Docker, etc.)
• Experience with system integrations
• Ability to define and validate technical architecture

Very Important:

• Experience in requirements definition and prioritization
• Ability to assess code quality and technical decisions
• Experience working with small, autonomous teams
• Familiarity with the use of LLMs in development (generation, review, validation)

Differentiators:

• Experience with security platforms or vulnerability management
• Background in Application Security (AppSec)
• Experience with automation or internal tooling
• Non-Technical Skills
• Structured, product-oriented thinking
• Strong prioritization capability
• Clear communication across technical and non-technical stakeholders
• Strong ownership of outcomes
• Pragmatism and focus on impact
• Success Indicators
• The platform effectively meets team and client needs
• Reduced operational friction in pentesting services
• Consistent, high-quality deliveries
• Strong integration with external tools
• Continuous evolution without platform degradation

What we offer:

• Professional development and monitoring talent;
• Commitment to our employees' development;
• Collaboration in a company that is constantly growing and evolving;
• Strong organisational culture: collaboration, sharing, flexibility, integrity and low ego.

Would you like to join our team? Then send your CV.