We’re supporting a household-name retailer to hire a hands-on Cyber Vulnerability Analyst into their Global Threat & Vulnerability function. You’ll run scanning across cloud, networks and apps, turn findings into risk-based actions, and partner with SOC, AppSec, Networks and Cloud to land fixes fast. If you enjoy closing the loop—from discovery to remediation—and automating the boring bits, you’ll love this.
Responsibilities
The Vulnerability Management Analyst role will have the following key responsibilities: -
* Conduct comprehensive vulnerability assessments on systems, networks, and applications.
* Analyse and interpret vulnerability scan results, prioritize findings using risk-based prioritization methodology, and provide actionable recommendations for remediation.
* Evaluate and manage vulnerabilities, including prioritization, investigation, and tracking remediation activities.
* Evaluate new tools and techniques in security testing and articulate their value and impact.
* Operate vulnerability and configuration scanning tools, like Tenable, Qualys, InsightVM.
* Perform technical and non-technical risk and vulnerability assessments of relevant technology focus areas.
* Defining, creating and implementing various SOPs (Standard Operating Procedures) and SOMs (Service Operating Models).
* Use asset risk profiles, vulnerability severity ratings, and threat information to communicate remediation priorities.
* Support incident response in investigations and response at all stages.
* Assist and work closely with our offensive security team, SOC team, Network Team, AppSec team.
* Experienced in working attack surface management area.
* Generate and distribute operational-level reports and key vulnerability reporting metrics along with KPIs, KRIs and monthly/weekly reporting.
* Maintain communication with the Vulnerability Management Lead and other internal & external stakeholders for collaboration and information sharing.
* Maintain knowledge of applicable policies, regulations, and compliance documents.
* Engage in team working and demonstrate a professional, motivated attitude.
* Collaborate with the security compliance team to meet compliance and regulation requirements.
* Leverage threat intelligence sources to inform on exposure to vulnerabilities.
* Assist in automated or manual patching remediation processes.
Essential
* 1-2 years experience in vulnerability management role or equivalent
* Hands-on experience with vulnerability assessments, management, and remediation strategies.
* Project management skills to help deliver vulnerability programs.
* Understanding of cloud environments (AWS, Azure, GCP) and their unique vulnerabilities.
* Detailed understanding of Windows, Linux/Unix, and other OS vulnerabilities.
* Ability to perform risk analysis and prioritize vulnerabilities based on severity and impact.
* Aptitude for analysing complex technical information and cyber threats.
* Security Framework Knowledge: Familiarity with common security frameworks like CIS, NIST