Vulnerability Scanning Manager at Department for Energy Security Net Zero
London, England, United Kingdom
Full Time


Start Date

Immediate

Expiry Date

21 Jun, 25

Salary

51540.0

Posted On

22 Mar, 25

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

IT, CompTIA Network+, Norway, CCNA

Industry

Other Industry

Description

JOB DESCRIPTION

Join ICS Digital, where innovation meets expertise to create digital solutions. We are a cohesive digital community who work in the open, solving problems together and fostering a culture of transparency and collaboration. Our commitment to user-focused design and data-driven decision-making ensures that we deliver accessible services tailored to the needs of our customers.
The ICS Cyber team are a cohesive digital community who work in the open, solving problems together and fostering a culture of transparency and collaboration. Our commitment to user-focused design and data-driven decision-making ensures that we deliver accessible services tailored to the needs of our customers.
The ICS Cyber team work within ICS Digital to monitor and protect the systems and services we provide to our customers in DSIT and DESNZ.
We are seeking a Vulnerability Scanner Specialist to join our Cybersecurity Team. In this role, you will be responsible for managing and conducting regular vulnerability assessment scans using existing tooling against a variety of internal and external systems. You will be responsible for identifying suitable systems for scanning, reaching out to system owners and ultimately providing recommendations and reports to teams for improvement of the organization's security posture from this perspective. You will work closely with teams and departments to ensure that vulnerabilities are properly mitigated and security best practices are followed.
The role is critical in developing our defensive capabilities, utilising the vulnerability tooling we have available to use, and leveraging the benefits of this across the wider customer base we serve in DSIT and DESNZ.
Visit our blog to learn more about us and our work: https://icsdigital.blog.gov.uk/

QUALIFICATIONS

Please describe how you address the skills and experience outlined in the job advert. Valid networking qualification, e.g. CompTIA Network+ or CCNA.

NATIONALITY REQUIREMENTS

This job is broadly open to the following groups:

  • UK nationals
  • nationals of the Republic of Ireland
  • nationals of Commonwealth countries who have the right to work in the UK
  • nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS)
  • nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
  • individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
  • Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Further information on nationality requirements

Responsibilities

YOUR MAIN RESPONSIBILITIES WILL BE:

  • Identify systems within the organisation relevant for scanning and build relationships with system owners to progress and develop our internal scanning programme.
  • Configure, schedule, manage and run vulnerability scans using existing tooling to identify potential vulnerabilities across network devices, systems and applications.
  • Interpret scan results and analyse vulnerabilities to determine the risk and impact on the organization's infrastructure.
  • Maintain relationships with internal teams responsible for bringing public facing websites online to ensure these systems are included in our external scanning activities.
  • Create scan overview reports for senior stakeholders and prioritize findings based on severity and risk levels.
  • Provide recommendations for patch management and configuration changes to improve overall system security where appropriate.
  • Continuously update scans to ensure they are comprehensive and current, adapting to new vulnerabilities and emerging threats.
  • Monitor and maintain scanning platforms, plugin updates and system availability.
  • Participate in security assessments to ensure compliance with internal and external security standards.
  • Stay current with the latest cybersecurity trends, vulnerability exploits and related news.
  • Document processes and procedures in relation to scanning activities.
  • Manage distribution and access to scan reports.