About the Role:
Trident Search are on the hunt for a Cyber Security Vulnerability Management Analyst to join our clients Cyber Threat Intelligence function. Our client has offices all over the UK and their HQ based in Hertfordshire, they offer a degree of remote working.
You will form a foundational part in the day-to-day delivery of the vulnerability management function, including its technology and processes. You will operate vulnerability scanners, perform vulnerability analysis, assign remediation actions to resolvers and provide dashboarding and reporting to technical and non-technical stakeholders.
What you’ll be doing
- Be responsible for the day-to-day operation of vulnerability identification, assessment and alerting tooling.
- Provide security guidance to support resolver teams in the remediation of technical vulnerabilities and weaknesses
- Analyse vulnerability intelligence feeds to inform and prioritise vulnerability remediation
- Operate the vulnerability management process across the business to ensure cooperation amongst all centralised and regional resolver teams.
- Proactively measure the effectiveness of the vulnerability management process through monitoring and conformance to policy and standards (patch cadence, configuration compliance scans etc)
- Prepare regular, accurate and actionable reporting metrics to technical and non-technical stakeholders
- Prepare vulnerability exposure reviews for vulnerability managers to deliver across business areas
- Operate as a technical vulnerability SME and support on the Group’s response to new major vulnerabilities affecting the business
- Support in vulnerability investigation and analysis on cyber security incidents to support the Cyber Security Incident Response Team (CSIRT)
- Proactively consider and identify sources of information / intelligence feeds relevant to vulnerability management
- Be responsible for ensuring that all elements of the intelligence cycle are considered in relation to identification and assessment of vulnerabilities.
What you’ll bring
- Demonstrable experience in Information and Cyber Security, especially vulnerability management
- Displays an interest in vulnerability analysis and assessment.
- Knowledge of IT operations including asset, configuration and patch management
- Understanding of basic IT security principles including endpoint security, network security, cloud security and the key vulnerabilities and threats affect them
- Understanding of common IT enterprise technologies - Windows, Linux, cloud, networking platforms etc. and a desire to deliver success with new and evolving technologies.