Vulnerability Management Architect - Product Selection and Design 5 Month Contract - Outside IR35
Hybrid - travel to Bracknell and London, Pimlico as and when required
Our Retail client is seeking a Vulnerability Management Architect to join their team on a 5-month contract basis. As a Vulnerability Management Architect, you will play a crucial role in modernising the companys vulnerability management capabilities, ensuring they can support a fast-moving business and stand as a strong pillar within their zero-trust framework.
Explore and document our baseline vulnerability management architecture
Capture our vulnerability management requirements and usage scenarios, captured as a set of patterns that a future solution will need to support
Provide a validated and recommended strategy solution architecture for our vulnerability management services (i.e. this is all about explaining how the elements of the solution will work together, vendor agnostic)
Complete high-level design for the deployment in a future year
Scope and supporting costing of future project work for the future implementation of the proposed architecture
Understand and gain alignment with related architecture strategies (including device management and platform strategies)
Expert-level knowledge and experience with technical deployments of exposure / vulnerability management systems for large enterprises, across a diverse technology stack (IaaS/PaaS/SaaS/physical/mainframe/hybrid-cloud) and delivery lifecycles (Project/COTS applications, DevOps)
Expertise with Qualys and other vulnerability and exposure management technologies
Expertise in the full vulnerability management lifecycle
Vendor and market analysis and engagement
Ability to translate technical information into Risks, Threats, and Vulnerabilities for both a technical and non-technical audience
Cloud based security (AWS/GCP), with a specialism in vulnerability management
Capabilities adjacent to exposure/vulnerability management capabilities (ie cyber security asset management, attack surface management, etc)
Cloud based security (GCP, AWS and Azure)
Pentest scoping and analysis experience