Job Description
Vulnerability Management Architect
5 Month Contract
Hybrid - travel to Bracknell and London, Pimlico as and when required
Our Retail client is seeking a Vulnerability Management Architect to join their team on a 5-month contract basis. As a Vulnerability Management Architect, you will play a crucial role in modernising the company's vulnerability management capabilities, ensuring they can support a fast-moving business and stand as a strong pillar within their zero-trust framework.
Accountabilities:
* Explore and document our baseline vulnerability management architecture
* Capture our vulnerability management requirements and usage scenarios, captured as a set of patterns that a future solution will need to support
* Build out and evaluate the drivers and benefits for change
* Provide market assessment as appropriate, partnering with our procurement teams as needed
* Provide a validated and recommended strategy solution architecture for our vulnerability management services (i.e. this is all about explaining how the elements of the solution will work together, vendor agnostic)
* Compile vendor solution options to address the above (with cost, transition, benefit high level analysis)
* Complete high-level design for the deployment in a future year
* Scope and supporting costing of future project work for the future implementation of the proposed architecture
* Understand and gain alignment with related architecture strategies (including device management and platform strategies)
* Collaboratively working with other solution and enterprise architects to drive secure solutions (across people, process and technology)
Experience Required:
* Expert-level knowledge and experience with technical deployments of exposure / vulnerability management systems for large enterprises, across a diverse technology stack (IaaS/PaaS/SaaS/physical/mainframe/hybrid -cloud) and delivery lifecycles (Project/COTS applications, DevOps)
* Expertise with Qualys and other vulnerability and exposure management technologies
* Expertise in the full vulnerability management lifecycle
* Vendor and market analysis and engagement
* Ability to translate technical information into Risks, Threats, and Vulnerabilities for both a technical and non-technical audience
* Cloud based security (AWS/GCP), with a specialism in vulnerability management
* Self-starter, able to work in technical detail and motivate a diverse group of stakeholders to build sponsorship for significant and impactful change
Desired:
* Establishing observability platforms
* Capabilities adjacent to exposure/vulnerability management capabilities (ie cyber security asset management, attack surface management, etc)
* Pragmatic application of zero-trust philosophies
* Cloud based security (GCP, AWS and Azure)
* Pentest scoping and analysis experience
* Application security
* Threat modelling
To apply for this position please submit your CV.