Cyber Vulnerability Engineer - Threat Reporting - Bristol.
My client are looking for a Cyber Vulnerability Engineer to be part of the Cyber Security and Resilience Team; this position supports delivery and operation of the Vulnerability Management function. My client has made significant investment in vulnerability management tools, procedures and policies, and you will be tasked to coordinate the collection, categorisation, preparing vulnerability remediation solutions and production and presentation of metrics (KPI and KRIs).
The role will include working closely with Infrastructure Vulnerability Engineers to assess and recommend solutions to remediate vulnerabilities in both on-premise and cloud platforms.
- Analyse threat data from multiple sources; internal and external
- Monitor for emerging threat patterns and zero-day vulnerabilities
- Be responsible for Vulnerability Scheduling, Threat Reporting and technical remediation plans
- The role will involve working closely with Infrastructure and IT service management teams to plan and deliver vulnerability remediations based on risk assessment, threat profiles and business appetite
- Formulate and use metrics to visualise the overall trend of the vulnerability management program
- The ideal candidate will have first-hand experience in delivery and operation of Vulnerability Management solutions in on premise and cloud environments.
- You will have a solid background in Infrastructure and Cloud technology.
- You are looking to move on from a Senior Infrastructure role to concentrate on the risk assessment and technical solutions to understand and remediate risks.
- You will also be methodical, well organised to work alone or as part of the team of twelve cyber professionals and be a strong and influential communicator.
- You should have the ability to be persuasive when dealing with other teams to ensure vulnerabilities are remediated within the required time frames.
- Considerable experience working in a senior role in either an Engineering Infrastructure or Cyber Security Team, managing the remediation of vulnerabilities
- Able to demonstrate a good all-round understanding of Technical Infrastructure, Cloud and Network Technology (eg via hands-on experience)
- An understanding of enterprise grade technologies including operating systems, cloud, containers, databases and web applications
- Experience of working in high performing teams and understand the dynamics of teamwork and business requirements
- Any of the following certifications desirable: CISSP, CCSP, CySA+, Security+, CAP, SSCP or equivalent