Senior Vulnerability Management consultant sought by leading investment bank based in London.
**Inside IR35** - Hybrid working
Daily responsibilities:
- Provide vulnerability management expertise involving infrastructure, cloud and enterprise applications. Primary contact for the companies vulnerability management involving processes, reporting, enhancements, compliance and interacting with business stakeholders.
- Operationalize weekly vulnerability status reports for senior leadership including UK CISO on company vulnerability management KPIs/KRIs
- Preparation of vulnerability management process and procedure documentation
- Provide consulting services to the vulnerability management team to assist in their security design to identify potential risks
- Review the security issues and recommend the appropriate controls to mitigate these risks
- Provide security awareness to clients and business groups to drive action on vulnerabilities
- Provide support to other consultants through mentoring and peer reviews of work products as required
- Provide ad hoc consulting services to the general user community
Essential:
- Experience working with vulnerability management tools and data such as Tenable, Qualys, Rapid 7, Microsoft Defender, Aqua, Palo Alto Xpanse.
- Jira to manage project work, timelines and operational tickets.
- 5+years of relevant experience
- Possess strong understanding of vulnerability management processes, procedures and principles
- Exposure to application security best practices such as secure coding, security testing techniques
- Expert knowledge of Security Policies and Standards
- Expert knowledge of Information Security practices
- Knowledge of compliance, audit and privacy policies and regulations
- General knowledge of security technology
Nice to have:
- Experience with PowerBI
- Programming skills and experience (python, java, SQL)
- Technical network skills
- Knowledge of OWASP, SANS, NIST, ISO 27001, ISF or other security-related practices
- Previous Banking/Financial Industry experience
- CISSP, CISA, CRISC, CSSLP, SABSA certifications
Skills & Competencies:
- Vulnerability management
- Risk reporting
- Programming
- Data management
Please apply within for further details - Matt Holmes
