YOU’RE ONLY HUMAN.

It’s a strange thing to say, because us humans are capable of incredible things. And at Medibank, we know our greatest potential lies in the people who work with us.
We strive to make real, fundamental change, driven by a simple purpose: to create the best health and wellbeing for all of Australia.

THE ROLE

We’re looking for a Vulnerability Management Analyst to be responsible for managing processes across our security environment. You will play an important role in securing systems that host sensitive health data, enhancing security through seamless and secure identification, reporting and management of vulnerabilities with regulatory obligations such as APRA CPS 234, ISO 27001, and the Australian Privacy Principles (APPs).
You will use existing technical solutions across the vulnerability management lifecycle—including scanning, patching, reporting and testing —ensuring tools are used correctly and stakleholders are managed effectively, while identifying anomalies and continuously identifying opportunities for improvement. You will support the team responsible for investigating and mitigating vulnerability related incidents, applying your technical knowledge to manage operational risks and drive a proactive vulnerability management security posture.

THE RESPONSIBILITIES:

• Use regularly conducted vulnerability scans on systems, networks, and applications using tools such as Tenable, Nessus or Qualys to identify security weaknesses to provide detailed reports to business to mitigate risks from vulnerabilities.
• Input to the selection, implementation, and maintenance of vulnerability management systems, tools, and technologies.
• Manage vulnerability reporting platforms to help prioritise and mitigate vulnerabilities.
• Developed understanding of cybersecurity principles, vulnerability assessment tools (e.g., Nessus, Tenable, Qualys), and IT infrastructure to effectively assess and mitigate vulnerabilities.
• Collaborate with various stakeholders, such as IT teams, business units, and external partners, to communicate the Enterprise vulnerability management requirements and develop systems and processes to meet these requirements.
• Inputting into the response of security incidents related to vulnerabilities, coordinating with relevant teams to contain and mitigate threats promptly.
• Utilise vulnerability scanning and reporting tools, and ensure they are up-to-date and effectively integrated into the security infrastructure.
• Producing reports for management on vulnerability status and trends.
• Proactively identifying areas for enhancing vulnerability management processes, suggesting improvements, and implementing best practices for ongoing optimization.