VULNERABILITY MANAGER
A leading financial services company in the UK is looking for a Vulnerability Manager to join their team. The company is undergoing a company-wide security transformation, and looking for a Vulnerability Manager to oversee security testing, vulnerability management and application security capabilities. This role is ideal for someone who is looking for career progression in offensive security and development in a greenfield security project.
RESPONSIBILITIES OF A VULNERABILITY MANAGER:
- Oversee security testing reports to review and present findings to senior management
- Assess and review security test, vulnerability reports and application security findings, in order to communicate remediation to application security and security engineer departments
- Take ownership of the vulnerability management toolset
- Build and lead Task Force Teams to respond to new vulnerabilities (Zero-day vulnerabilities)
- Work with senior leadership, stakeholders and third-party providers to assess the risk of remediated vulnerabilities
- Keep up to date on developing attacks and threat approaches
- Conduct reports on key metrics around the vulnerability management
- Work collaboratively with the application security and security engineer postures, covering application security and infrastructure security
SKILLS REQUIRED OF A VULNERABILITY MANAGER:
- Experience with vulnerability management is essential
- Working knowledge of penetration testing, vulnerability management and application security testing
- Knowledge of new developing attack methods is preferable
- Experience with tools such as Qualys, Kenna, Risk Sense, Tenable
- Experience with automation
- Experience with financial services is preferable but not essential
- Willingness to learn and keep up with latest offensive security technologies
- Experience automating tasks and processes
- CEH, CREST or OSCP is preferred
- CIS, CISSP, or CISM is preferred
BENEFITS OF WORKING AS A VULNERABILITY MANAGER:
- Opportunity to work on a greenfield transformation project
- Lead investigations into new technologies and make decisions on the tools and programmes used by the company
- Work collaboratively with other divisions to achieve highest security standards
- Work directly with senior leadership and stakeholders to communicate needs of the business