A leading Independent IT Infrastructure and Services Consultancy are looking for a Vulnerability Manager for a 3 month contract initially, Outside IR35, hybrid working, (Hatfield based 1/2 times per month).
The Vulnerability Manager l will work collaboratively with many different areas of the business to ensure vulnerabilities are well managed and efficiently remediated in any technology. Patching and version management of all technologies will also be carried out by this role.
Process Management - Create and manage internal processes and standards around the lifecycle of vulnerability management. Track vulnerability remediation activities alongside multiple infrastructure support teams, IT support partners and external service providers
Security coordination - Collaborate with Computacenter's security division to understand the company security posture and how the IT department must change to address risks. Triage and prioritise inflow of vulnerabilities from IT Security teams for remediation planning. Manage exception processes and mitigating controls.
Patch Management - Manage the master patch record and ensure all technology stacks are patched regularly to ensure vulnerabilities are proactively handled. Work with offshore teams to deliver wide-scale patching at a fast pace.
Drive high standards - Drive all areas of GIS to deliver against vulnerability KPIs.
Reporting - Create and deliver dashboards and regular reports on various vulnerability KPIs.
Asset Management - Collaborate with asset management functions, to ensure all IT assets are covered by vulnerability management throughout their lifecycle.
Strategy - Support and deliver the short and long term strategy for effective vulnerability management.
Communication - work with stakeholders at various levels of the organisation on vulnerability topics.
Project Drive - The ability to think for yourself, understand a given problem and build that into measurable deliverables that you can demonstrate progress against give objectives.
Consultation - Support major incident vulnerability activities across the GIS estate as required.
Demonstrable strong experience working in vulnerability management.
Excellent organisational skills.
Strong communicator both written and spoken.
Experience working with vulnerability scanning software.
Experience in interpreting technical findings from penetration tests.
Strong IT background, with familiarity of infrastructure and application stacks.
Strong understanding of established security standards, such as Cyber Essentials, CIS benchmarks and NIST Cyber Security Framework.
Good understanding of ITIL practices.
Comfortable working autonomously to deliver value.
Security certifications will be an advantage - such as CISM(P), SEC+, GIAC Security Essentials (GSEC).