Job Description
Senior Vulnerability Management consultant sought by leading investment bank based in London.
**Inside IR35** - Hybrid working
Daily responsibilities:
* Provide vulnerability management expertise involving infrastructure, cloud and enterprise applications. Primary contact for the company's vulnerability management involving processes, reporting, enhancements, compliance and interacting with business stakeholders.
* Operationalize weekly vulnerability status reports for senior leadership including UK CISO on company vulnerability management KPIs/KRIs
* Preparation of vulnerability management process and procedure documentation
* Provide consulting services to the vulnerability management team to assist in their security design to identify potential risks
* Review the security issues and recommend the appropriate controls to mitigate these risks
* Provide security awareness to clients and business groups to drive action on vulnerabilities
* Provide support to other consultants through mentoring and peer reviews of work products as required
* Provide ad hoc consulting services to the general user community
Essential:
* Experience working with vulnerability management tools and data such as Tenable, Qualys, Rapid7, Microsoft Defender, Aqua, Palo Alto Xpanse.
* Jira to manage project work, timelines and operational tickets.
* 5+ years of relevant experience
* Possess strong understanding of vulnerability management processes, procedures and principles
* Exposure to application security best practices such as secure coding, security testing techniques
* Expert knowledge of Security Policies and Standards
* Expert knowledge of Information Security practices
* Knowledge of compliance, audit and privacy policies and regulations
* General knowledge of security technology
Nice to have:
* Experience with Power BI
* Programming skills and experience (Python, Java, SQL)
* Technical network skills
* Knowledge of OWASP, SANS, NIST, ISO 27001, ISF or other security-related practices
* Previous Banking/Financial Industry experience
* CISSP, CISA, CRISC, CSSLP, SABSA certifications
Skills & Competencies:
* Vulnerability management
* Risk reporting
* Programming
* Data management
Please apply within for further details - Matt Holmes