Our purpose is to make great financial decision making a breeze for everyone, and that purpose drives us every day. It’s why we’re on a mission to create an automated quoting engine, with the simplest of experiences, wrapped in a brand everyone loves! We change lives by making it simple to switch and save money. So, when it comes to getting a better deal, it’s never been more blindingly obvious why you would choose Compare the Market.
We’d love you to be part of our journey.
This role will allow you to provide leadership and coordination for vulnerability management across Compare the Market using informed, risk-based decisions by embedding strong vulnerability practices across the business. You will lead and support a team of analysts to drive effective remediation and communication. You will be collaborating with Cyber Security, Engineering, and resolver teams to integrate security into the SDLC. Being our champion for practices such as OWASP guidance, code analysis, scanning, pen testing, and bug bounty Evolve processes to align with CtM’s risk appetite, compliance needs, and the changing threat landscape.
Everyone is welcome.
We have a culture of creativity. We approach our work passionately, improve constantly and celebrate our wins at every turn. We are an inclusive workplace, and our employees are comfortable bringing their authentic, whole selves to work. Everyone is welcome. Be you.
This means we’re excited to hear from people with a range of skills, experiences, and ideas. We don’t expect you to tick all the boxes but would love you to hear what makes you great for this role.
Some of the great things you’ll be doing:
* Lead, coach, develop attract and retain high-performing talent, ensuring appropriate succession planning, who can motivate and drive delivery of objectives.
* Ensure the ongoing maintenance, availability, and performance of all vulnerability management tools.
* Evaluate and implement emerging technologies or practices that enhance CtM’s vulnerability detection and management capabilities to ensure continuous improvement.
* Provide expert guidance and oversight on identified vulnerabilities, helping stakeholders understand associated risks in context.
* Identify exploitable gaps in technical controls and collaborate with risk owners to prioritise and implement effective remediation plans.
* Translate complex technical findings into clear, business-relevant language to support informed decision-making across business units.
* Serve as an escalation point for complex or high-risk vulnerability findings requiring cross-functional coordination.
* Produce and present monthly management information (MI) reports covering all key aspects of vulnerability management performance and trends.
* Ingest and analyse cyber threat intelligence to identify relevant risks, translate insights into actionable guidance, and proactively track emerging threats —ensuring timely awareness and mitigation across CtM’s technology environment.
* Develop and maintain strong working relationships with key technical stakeholders, to ensure cohesive and aligned security practices.
* Align vulnerability management processes with the NIST Cybersecurity Framework to ensure industry-standard practices are embedded across identification, protection, detection, and response activities.
What we want to see from you:
* Minimum of 2 years of hands-on experience in vulnerability management,
* Strong understanding of the Cyber Kill Chain and how it applies to modern threat detection and defence strategies.
* Proven experience in scheduling, executing, and analysing results from various vulnerability assessment tools and techniques.
* Demonstrated ability to interpret Cyber Threat Intelligence (CTI) and translate it into meaningful insights to inform threat modelling and risk prioritisation.
* Proven experience leading and developing a team of Vulnerability Management Analysts, fostering a high-performance culture and ensuring effective delivery of vulnerability identification, analysis, and remediation support.
Our people bring our purpose to life.
We foster a culture of innovation and collaboration. With a team of over 300 tech experts, we thrive on using the latest tools and technologies, such as Docker, Kubernetes, AWS, Kafka, Java, Scala, Python, .Net Core, Node.js, and MongoDB, to create a dynamic and inclusive work environment.
There’s something for everyone.
We’re a place of opportunity. You’ll have the tools and autonomy to drive your own career, supported by a team of amazingly talented people. And then there’s our benefits. For us, it’s not just about a competitive salary and hybrid working, we care about what matters to you. From a generous holiday allowance and private healthcare to an electric car scheme and paid development, wellbeing, and CSR days, we’ve pretty much got you covered!
#LI-HL1
#J-18808-Ljbffr