Security Operations Analyst - Vulnerability Management
ScottishPower HQ, Glasgow - hybrid working (2 - 3 Days in Office)
Salary: From £42K (up to 10% Performance Bonus + Single Healthcare)
Permanent, Full Time
Help us create a better future, quicker.
Overview
As a Security Operations Analyst you’ll coordinate and execute a range of security services within the Cyber Fusion Centre focusing on Vulnerability Management. The wider team covers Threat Intelligence, Incident Response, Event Monitoring, Security Device Configuration, Security Testing, Digital Forensics, Threat Hunting and Threat Reporting.
Responsibilities
* Coordinate with Local and Global Security Teams and manage the discovery of vulnerabilities, driving remediation across ScottishPower.
* Create and embed new processes and services to successfully deliver the vulnerability management programme required by the UK Cyber Fusion Centre.
* Manage day‑to‑day coordination of supplier activity for penetration testing, red team exercises, vulnerability scanning and analysis across the UK.
* Provide expert input in defining a programme of security initiatives for inclusion in the Global Security Plan.
* Support the Cyber Fusion Centre by coordinating activity for tools and services, owning delivery of support models for all vulnerability management tools, and defining and operating the UK Cyber Security Incident Response Plan.
* Assist in coordinating regular testing of ScottishPower preparedness through internal simulations and external Red Teams.
* Work closely with IT and OT security functions to deliver services and collate/distribute vulnerability metrics where required.
* Support the Vulnerability Manager in business deliverables and stakeholder communication.
Qualifications and Skills
* Experience in vulnerability management at scale similar to ScottishPower, preferably within a global organization.
* Relevant industry qualifications such as LDR516, GCIH, CIH, CEH, PEN-200, OSCP.
* Experience configuring and supporting security tools, managing vulnerability risk communication to stakeholders.
* Ability to coordinate with security service providers and software suppliers, understanding key legislation and regulation impacting IT security.
* Understanding of OT Security challenges and solutions, and ability to contribute to Cyber Security Operations strategies and roadmaps.
* Excellent communication skills, comfortable working with all levels of stakeholders, and able to distil technical issues for non‑technical audiences.
* Strong problem‑solving, delivery orientation, and ability to analyze complex issues and recommend solutions.
* Proven team‑player who can promote and consolidate efficient working relationships.
Travel and Clearance
Periodic travel to Spain and other company locations may be required. Successful candidates must be able to obtain NSV SC clearance. Candidates must have lived continuously in the United Kingdom for a period of 5 years before meeting the Minimum Residency Criteria.
What’s in it for you
* Competitive salary reviewed annually.
* Pension scheme with a 10% company match.
* 36 days annual leave.
* Holiday purchase option.
* Share schemes.
* Payroll giving and charity matched funding.
* Technology vouchers.
* Electric vehicle schemes.
* Cycle to Work and public transport season ticket loans.
* Healthcare benefit options: Dental, Private Medical, Health Cash Plan, annual Health Assessments.
* Life assurance (4× salary).
* Access to Savesmart financial wellbeing support.
* Discounts on travel, leisure, restaurants, gym and more.
Why ScottishPower
ScottishPower is part of the Iberdrola Group, one of the world's largest integrated utility companies and a leader in wind energy. With a commitment to renewables and Net Zero, we invest over £6m every working day. We offer diverse opportunities, internal talent development, and a global organization.
Inclusion, diversity, and social purpose are at the heart of everything we do. We support candidates with disabilities, long‑term conditions, mental health conditions, neurodivergent needs, or pregnancy‑related support.
#J-18808-Ljbffr