Vulnerability Management Architect - Product Selection and Design
Our Retail client is seeking a Vulnerability Management Architect to join their team on a 5‑month contract basis. As a Vulnerability Management Architect, you will play a crucial role in modernising the company's vulnerability management capabilities, ensuring they can support a fast‑moving business and stand as a strong pillar within their zero‑trust framework. The role is hybrid, requiring travel to Bracknell and London, Pimlico as and when required.
Accountabilities
* Explore and document baseline vulnerability management architecture.
* Capture vulnerability management requirements and usage scenarios as a set of patterns that a future solution will need to support.
* Build out and evaluate the drivers and benefits for change.
* Provide market assessment as appropriate, partnering with procurement teams as needed.
* Provide a validated and recommended strategy solution architecture for vulnerability management services (vendor‑agnostic).
* Compile vendor solution options to address the above, including cost, transition, and benefit high‑level analysis.
* Complete high‑level design for the deployment in a future year.
* Scope and support costing of future project work for implementation of the proposed architecture.
* Understand and gain alignment with related architecture strategies (including device management and platform strategies).
* Collaboratively work with other solution and enterprise architects to drive secure solutions across people, process, and technology.
Experience Required
* Expert‑level knowledge and experience with technical deployments of exposure / vulnerability management systems for large enterprises, across a diverse technology stack (IaaS/PaaS/SaaS/physical/mainframe/hybrid‑cloud) and delivery lifecycles (Project/COTS applications, DevOps).
* Expertise with Qualys and other vulnerability and exposure management technologies.
* Expertise in the full vulnerability management lifecycle.
* Vendor and market analysis and engagement.
* Ability to translate technical information into risks, threats, and vulnerabilities for both technical and non‑technical audiences.
* Cloud‑based security (AWS/GCP), with a specialism in vulnerability management.
* Self‑starter, able to work in technical detail and motivate a diverse group of stakeholders to build sponsorship for significant and impactful change.
* Establishing observability platforms.
* Capabilities adjacent to exposure/vulnerability management (e.g., cyber security asset management, attack surface management, etc.).
* Pragmatic application of zero‑trust philosophies.
* Cloud‑based security (GCP, AWS and Azure).
* Pentest scoping and analysis experience.
* Application security.
To apply for this position please submit your CV.
#J-18808-Ljbffr