CYBER VULNERABILITY ANALYST – BRISTOL/EDINBURGH (HYBRID)

In this position, you’ll be based in either the Bristol or Edinburgh office for a minimum of three days a week with the flexibility to work from home for some of your working week. Find out more about our flexible work culture at computershare.com/flex.

Some other key skills that you’ll have:

• Experience working on enterprise systems, network, and application architectures (including Microsoft and RHEL).
• Working knowledge of end-to-end vulnerability management workflows (CVE, CPE, CVSS).
• Hands-on experience performing vulnerability scans using third-party tools e.g. Nessus, Tenable, Nexpose, Qualys, Veracode and IBM AppScan.
• Possess, or working towards, professional or industry security/IT certifications, such as, CEH, MCSA, CISSP, SANS, and have an understanding of the security principles outlined in OWASP, CIS, NIST and ISO27000

A ROLE YOU WILL LOVE

Along with your teammates, you will be responsible for conducting and co-ordinating technical vulnerability assessments across our IT infrastructure, applications, and services. You will provide recommendations towards the development of appropriate remediation plans and deliver clear reports detailing the organisation’s level of security assurance against internal compliance and external threat measures.
You will also work to analyse, assess, and report on vulnerability and configuration assessments across a complex, global operating model. This means that you will get to work closely with the wider departments to ensure that they are aware of what changes need to be made, and how we are performing overall as a business.

Some other key responsibilities will include:

• Creating & maintaining the set of unified key performance/risk indicators aligned to stakeholder requirements.
• Scheduling, co-ordinating and managing the engagement process (with internal stakeholders and third-party vendors) for infrastructure and application security testing.

• Promoting and developing vulnerability assurance initiatives across all regions, working to improve existing security services, including the continuous enhancement of existing methodology material and supporting assets.Working with the Information Security and Technology team on the iterative security configuration tests against the technical baseline security standards.

WHAT WILL YOU BRING TO THE ROLE?

As you’ll know, working in an Information Security environment requires great attention to detail. We need you to be diligent in your approach with the ability to think quickly and act if the need arises.
Building relationships is key in this role. You will be working with people across the globe who are both technical, and non-technical so the ability to talk about technical issues to people who don’t see that side of it is key.
This role will be working with our wider technology department, so if you have a background in technology and have moved into the InfoSec space, that’s a bonus!

Some other key skills that you’ll have:

• Experience working on enterprise systems, network, and application architectures (including Microsoft and RHEL).
• Working knowledge of end-to-end vulnerability management workflows (CVE, CPE, CVSS).
• Hands-on experience performing vulnerability scans using third-party tools e.g. Nessus, Tenable, Nexpose, Qualys, Veracode and IBM AppScan.
• Possess, or working towards, professional or industry security/IT certifications, such as, CEH, MCSA, CISSP, SANS, and have an understanding of the security principles outlined in OWASP, CIS, NIST and ISO27000.

If this sounds like the role that you’ve been looking for, please submit an application today!