Job Description
Vulnerability Management SME - Havant (Hybrid) - Inside IR35Day Rate - up to £600Duration - 6 monthsHarvey Nash's Client have a requirement for a Vulnerability Management Subject Matter Expert (SME), you will be responsible for the design, delivery, and continuous improvement of the organisation's vulnerability management service for End User Compute devices. The role focuses on utilising tools such as Qualys to identify, assess, prioritise, and support the remediation of vulnerabilities across infrastructure, endpoints, and cloud environments.The SME ensures that vulnerabilities are effectively managed in line with organisational risk appetite and security standards, supporting a proactive approach to reducing cyber risk. This includes maintaining accurate vulnerability data, driving remediation activities, and ensuring alignment with governance, compliance, and audit requirements across the organisation.Key AccountabilitiesDeliver and support vulnerability management capabilities using Qualys, including asset discovery, vulnerability scanning, and risk prioritisationAnalyse and interpret End User Compute vulnerability data, providing actionable insights and remediation recommendationsCollaborate with endpoint management and application management SMEs to action remediation activitiesMonitor and report on vulnerability posture, risk exposure, and remediation performance across the organisationDevelop and maintain automation and reporting capabilities to improve efficiency and visibility of vulnerability management activitiesCollaborate with cyber security, risk, and service management teams to ensure alignment with governance, compliance, and risk frameworksSkills, Knowledge & ExperienceEssentialProven experience operating vulnerability management tools (e.g.
Qualys) in an enterprise environmentStrong understanding of vulnerability management lifecycle, including scanning, prioritisation, and remediationKnowledge of common security vulnerabilities, risk scoring (e.g. CVSS), and remediation approachesExperience working with endpoint management tools like Intune and SCCM to support vulnerability remediationUnderstanding of cyber security principles, risk management, and ITIL-based service management practicesDesirableExperience integrating vulnerability management tools with enterprise platforms (e.g. ServiceNow)Familiarity with cloud environments (e.g.
Azure) and associated security considerationsKnowledge of patch management processes and toolsScripting or automation experience (e.g. PowerShell, Python)Experience supporting audit, compliance, or regulatory requirementsToFromRecord Yes NoAlways use these settingsTPBN1_UKTJ