Vulnerability Analyst in Salford, Greater Manchester

Vulnerability Analyst
3-6 Months
Occasional Travel to Manchester
Inside IR35

Accountabilities and Activities

* Support the implementation and maintenance of Vulnerability Management processes and procedures.
* Work closely with third party Vulnerability Management service to ensure the prioritisation and tracking of vulnerabilities is effective and oversee the vulnerability trackers.
* Provide expertise on vulnerabilities when engaging with resolvers and mediate on calls with the third party Vulnerability Management service, ensuring good working relationships with the technical teams are maintained.
* Identify systemic issues and/or opportunities for service maturation and improvement. Then work with relevant stakeholders and technical teams to improve the security posture. Delivers appropriate documentation that reflects the output from the analysis conducted.
* Support security risk, vulnerability assessments and business impact analysis as required.
* Support team to provide reporting and commentary for vulnerability reports
* Maintain reliable and up-to-date information regarding Information Security, including new and existing threats and vulnerabilities and incorporate that detail into actionable deliverables.
* Be responsible for threat remediation activities
* Support projects within the function.
* Be familiar with security tools and where appropriate, the development of simple scripts to assist with the ongoing analysis of a security vulnerability.
Support the administration of the Vulnerability Management tool. Ensure robust practices are in place for Security Engineering team to maintain the health of the system and work with the third party Vulnerability Management team on day to day administrative tasks.
Qualifications, Training and Experience
* Experience in at least one technology tower (End User Computing, Hosting or Networks) and foundation in various enterprise technologies/infrastructure including network architectures and operating systems is preferable.
* Confident in their technical expertise and can present themselves as a technically competent SME.
* Has a track record of technical delivery within a fast paced environment.
* Awareness and use of security and privacy concepts (e.g., international and industry standards, legal and regulatory constraints, etc.).
* Is able to take a pragmatic view of the application of technologies; understanding the business application of them and able to identify a balance between the management of risk and the capability for the business to continue to operate.
* Exposure to Security Monitoring and vulnerability management tools.
* Exposure to Vulnerability Management and Threat Intelligence sources.
* Should have strong knowledge on OWASP top 10 Vulnerabilities
* Knowledge of perimeter and host security intrusion techniques.

* Good appreciation/experience of typical enterprise security services including but not limited to:
o Threat Intelligence
o Penetration testing
o Anti-malware
o Email/SPAM management
o Authentication mechanisms
o SIEM
o WAF
o Firewalls
o Proxy technologies
o IDS/IPS
o DLP

Disclaimer:

This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.