Role Overview

The Vulnerability Specialist is responsible for owning and continuously improving the end-to-end vulnerability management capability, with a primary focus on reducing cloud risk across AWS and GCP. Working across Security, Technology, and the wider business, this role ensures vulnerabilities are identified, prioritised by real business impact, and remediated effectively. The objective is simple: reduce material risk at pace.

Key Responsibilities

- Deliver day-to-day vulnerability management including scanning, triage, and risk prioritisation
- Lead cloud vulnerability management using tools such as Rapid7 CloudSec across AWS and GCP
- Automate vulnerability workflows using scripting to improve speed and consistency
- Identify and close gaps across process, tooling, and outcomes
- Partner with engineering, SOC, IT, and vendors to drive effective remediation
- Define and report meaningful metrics for senior and executive stakeholders
- Support security incidents with vulnerability-focused analysis
- Contribute to policy, standards, and ISO 27001-aligned improvements
- Mentor junior team members and promote knowledge sharing

Required Experience

- Strong hands-on experience with vulnerability management tools such as Rapid7, Nessus, Qualys, or OpenVAS
- Proven cloud security experience across AWS and GCP
- Scripting capability in Python, PowerShell, or similar
- Knowledge of ISO 27001, NIST, and CIS Controls

What Success Looks Like

- Vulnerabilities prioritised by risk, not volume
- Measurable reduction in cloud risk
- High trust from engineering and platform teams
- Clear, decision-ready reporting for leadership