Job Title: IT Vulnerability Manager

Location: Hertfordshire

Overall Job Purpose:

The Vulnerability manager provides security profiling analysis, reporting and the implementation and tracking of remediation activities for the assigned environments ensuring appropriate activities are undertaken to maintain accreditation as appropriate.

Activities

Report and track remediation / patching activities affecting all devices and applications within the assigned environment

Interfacing with suppliers and vendors to ensure appropriate activities/assessments are undertaken

Manage the security vulnerabilities and risks across the assigned environments, including identifying and supporting application/system owners to manage risks and remediate vulnerabilities

Perform technical (evaluation of technology) and non-technical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas (e.g. local computing environment and supporting infrastructure).

Maintain knowledge of applicable policies, regulations, and compliance documents specifically related to ensuring compliance with the contracted accreditation/classification

Support the selection/implementation of security controls to mitigate risk (e.g., protection of information, systems, and processes)

Develop strategies to identify, manage, and mitigate identified threats and vulnerabilities to attain desired risk profile and communicate strategies to key stakeholders

Work with stakeholders / suppliers / delivery teams to ensure compliance with Cyber Essentials / Cyber Essentials+

Track, record and actively manage the implementation of MODcerts keeping the customer and all stakeholders fully appraised

Provide vulnerability risk assessment guidance to peers and stakeholders throughout the organization

Maintain relationships with vendors and suppliers, ensuring all relationships are conducted in a professional manner;

Attributes of Successful Candidate

Determined, can-do attitude

Ability to work on own as well as part of a team

Meticulous approach, effective written and oral communicator

A passion for, and deep understanding of, vulnerability and threat management

Ability to work in a fast paced, deadline intensive environment

Excellent customer service and organisation skills

Strong customer facing experience.

Confident and credible

Well organized with excellent follow up skills to meet deadlines, coordinates work of others while fostering teamwork and cooperation, and able to handle multiple concurrent tasks

Skills, Knowledge & Experience:

Solid understanding of information security policies, standards and industry best practices

Experience in performing risk assessments on different applications and technologies

Familiarity with Vulnerability Management tools

Ability to build strong relationships with customers and senior stakeholders

Experience with system hardening and secure configuration frameworks

Working knowledge of ITIL change management / patch management

Relevant qualifications e.g.:

Bachelors degree in Information Systems or related field or equivalent combination of education and experience

CISSP, CISA or equivalent

Or check similar jobs