Job Description
* Onsite role, Belfast,
* Full time position, Full time hybrid position, 2 days per week in office (not shift)
* Department: ASPIRE Managed Services
* Practice: Services Reliability Group
* Vetting Requirements: SC Clearance/CTC Clearance level is mandatory.
Role Summary:
Our ASPIRE Global Service Centre is the central hub of our Service Management operations. Beyond a traditional Service Desk, it stands as the central authority and shared service delivery hub, orchestrating all operational workflows, processes, procedures, and tooling. It’s a core delivery component of the Version 1 ASPIRE Managed Services offering that places AI, continuous improvement and business innovation at the heart of everything Version 1 does. With a focus on supporting self-service and automation, we utilise the best digital capabilities of the ServiceNow ITSM tooling product to provide the very best Experience to our Customers.
We are seeking an experienced and results-driven Vulnerability & Security Compliance Lead who plays a critical role in ensuring the security and reliability of our customers IT infrastructure. This role is responsible for leading efforts to identify, assess, and mitigate vulnerabilities, ensuring systems and applications are updated with the latest patches and compliance requirements. The role combines technical expertise, process leadership, and strategic planning to maintain strong security hygiene and safeguard our customers technology assets from potential threats. As this is a leadership role, you will ensure the service desk team leader and their analysts have the suitable tools, schedules and skills to perform the routine maintenance activities. The role will also look to support the development of the wider security operations capability under continual improvement.
Vetting Requirements: SC Clearance/CTC Clearance level is mandatory for the role.
Key Responsibilities:
* Develop and execute a comprehensive patch management strategy across all IT systems and applications.
* Coordinate and implement regular patching cycles while minimizing downtime and disruption to business operations.
* Coordinate the testing of patches prior to deployment to validate functionality and compatibility.
* Utilize vulnerability scanning tools to identify weaknesses in the IT environment.
* Analyze and prioritize vulnerabilities based on risk impact and business-criticality.
* Oversee and enforce best practice for security hygiene; access reviews, vulnerability assessment, key rotation, etc
* Collaborate with internal teams to remediate identified vulnerabilities in a timely and efficient manner.
* Ensure compliance with regulatory requirements, internal policies, and industry standards related to patching and vulnerability management
* Generate reports on vulnerability status, patching progress, and key metrics for senior leadership and audit purposes.
* Act as a point of expertise for patching and vulnerability management within the organization.
* Work closely with cross-functional teams, including IT Operations, Security, and Application teams, to align patching and remediation activities with business objectives.
* Identify inefficiencies in processes and workflows, recommending and implementing improvements to enhance service quality.
* Collaborate with third-party vendors for tools and solutions, ensuring optimal performance and cost-effectiveness.
* Perform and maintain risk assessments, gap analysis, and risk register(s).
* Supporting external assessments.
* Supporting security Incident responses.
* Supporting the development of security policies and procedures.
Qualifications
Skills, Education & Qualifications:
* Proven experience in IT patch management, vulnerability assessment, or IT security.
* Familiarity with security hygiene/compliance standards.
* Strong understanding of operating systems (Windows, Linux, etc.), applications, and network security principles.
* Proficiency in vulnerability scanning and patch deployment tools (e.g., Qualys, Tenable, SCCM, WSUS, SCOM, Manage Engine, SolarWinds, Linux distributions (Ubuntu, CentOS, RedHat etc), Ansible, AWS Patch Manager/Azure Update Manager.
* Proficiency in command line interface.
* Proficiency in Security and Vulnerability tools (e.g., Microsoft Defender for Endpoint, AlertLogic, Web Application Scanning, Tripwire, Tenable Nessus).
* Strong problem-solving, analytical, reporting and organizational skills.
* Experience or understanding of of security compliance frameworks; ISO27001, NIST, SOC2, Cyber Essentials, etc.
* Relevant certifications (e.g., CISSP, CISM, CompTIA Security+, or similar) are highly desirable.
* Detail-oriented with a proactive approach to problem-solving.
* Ability to prioritize tasks effectively in a fast-paced and dynamic environment.
* Committed to driving continuous improvement in cybersecurity processes and practices.
* Experience with ITSM tools (e.g., ServiceNow).
* Knowledge of ITIL frameworks and best practices.
* Strong communication, interpersonal, and problem-solving abilities.
* Customer-focused mindset with a commitment to delivering high-quality service.
* Strategic thinking and decision-making.
* Ability to manage multiple priorities and meet deadlines.
* Adaptability to evolving technologies, processes and security guidance’s.
* Excellent communication and stakeholder management skills.
Additional Information
At Version 1, we believe in providing our employees with a comprehensive benefits package that prioritises their well-being, professional growth, and financial stability.
One of our standout advantages is the ability to work with a hybrid schedule along with business travel, allowing our employees to strike a balance between work and life.
We prioritise the health and safety of our employees, providing private medical and life insurance coverage, as well as free eye tests and contributions towards glasses. Our team members can also stay ahead of the curve with incentivized certifications and accreditations, including AWS, Microsoft, Oracle, and Red Hat.
Our employee-designed Profit Share scheme divides a portion of our company's profits each quarter amongst employees. We are dedicated to helping our employees reach their full potential, offering Pathways Career Development Quarterly, a programme designed to support professional growth.