Role
Role overview:
Working for an IAM security vendor, you’ll be responsible for supporting the SOC Manager and overseeing the company’s Security Operations activity, including vulnerability management activities
Main tasks and responsibilities:
- Help to define and shape the company’s technical assurance capabilities through penetration testing/vulnerability management and DevSecOps
- Work closely with Dev/Ops teams across the company to identify and correct security vulnerabilities based on risk to the business
- Operate vulnerability management tooling in conjunction with the company’s service provider
- Work with external parties with development of external and internal vulnerability testing capabilities
- Working alongside security engineers, support external penetration testing prioritising findings based on risk
- Follow up on reports and ensuring recommendations for threat remediation are followed
- Providing advice to IT teams across the business on patching recommendations in relation to identified threats
- Stay informed of new vulnerabilities that could impact the business
- Create reports and analysis for technical teams and senior management
- Review and analyse vulnerability data to identify trends and patterns, and link asset and vulnerability data
- Monitoring and respond to vendor and security research notifications of vulnerabilities and assessing the exposure of the business.
- Work with other security teams such as SOC to identify risks & recurring patterns and propose actions to reduce risk
Skills:
- Should have excellent understanding of Information Security best practice and regulatory requirements and should have recent experience in a Threat and Vulnerability related role
- Must be familiar with security vulnerabilities e.g. cloud/on-prem/endpoint
- Familiar with infrastructure and web application scanning tools e.g. Qualys
- Have a sound understanding of network/infrastructure and web/mobile application weakness (CWE, OWASP)
- Strong foundation in network security and common attack methodologies
- Good all-round understanding of Technical Infrastructure, Cloud and Network Technology developed via hands-on experience
- Knowledge of secure by design principles
- Understanding of industry standards ISO2701. PCI-DSS etc
- Ability to support security incidents and investigations
Pre-requisites:
- Excellent analytical skills with the ability to see the bigger picture
- Excellent communication skills with the ability to influence multiple stakeholders
- Willingness to learn and adapt to new technologies coupled with a passion for cyber security
- Good team-oriented interpersonal skills, with the ability to interface effectively with a broad range of people and roles
- Willing to work flexible hours to communicate with teams globally
Further info:
- Competitive salary & flex bens
- Flexible locations / remote
To apply:
Please either register your CV and complete the information fields requested or send your CV to referencing WDA153 and your current salary