Cyber Threat and Vulnerability Manager

  • Job reference: 26005
  • Location: City of London
  • Job type: Permanent
  • Start date: Not specified
  • Contact: Not specified
  • Sector: Information and Cyber Security
  • Salary: £70000 - £80000 per annum

Sorry, this vacancy has now expired.


Threat and Vulnerability Manager needed to join the CISO team based in London.
As a Threat and Vulnerability Manager you will assist the Chief Information Security Officer by effectively identifying, quantifying and managing cyber vulnerabilities across the group. This role will be responsible for the implementation and management of threat and vulnerability capabilities, interfacing with appropriate teams across the businesses to ensure appropriate remediation plans are defined and implemented.
Key Responsibilities:
  • Supporting the development and implementation of the Threat and Vulnerability Management framework
  • Spearhead efforts to support businesses in developing their own processes and procedures as required
  • The development of communications to promote and maintain awareness of current threats and vulnerabilities across all businesses
  • Act as escalation point for all threat and vulnerability events
  • Aggregate all threat and vulnerability information to:
      • Provide a consolidated view across the group
      • Provide actionable intelligence to businesses and track their action plans
Vulnerability Assessments / Management
  • Ensure effective vulnerability scanning of infrastructure, code, and applications within both corporate and 3rd party environments
  • Define minimum standards in relation to vulnerability management, monitoring compliance across the businesses
  • Research and investigate new and emerging vulnerabilities, to include Zero Day events, and participate in external security communities, sharing findings across the group
  • Ensure the successful completion and recording of scanning activities
  • Support the assessment of identified vulnerabilities to prioritise remediation based on risk and exposure
  • Track remediation activities to completion, validating the effectiveness in mitigating the risk
  • Interface with peers and leaders across the businesses to both share the corporate security vision and solicit their involvement in achieving a higher level of enterprise security
Threat Intelligence
  • Define minimum standards in relation to threat management, monitoring compliance across the businesses
  • Ensure threat management encompasses external and internal threat sources, helping to identify current and future threats to the Group.
  • Perform, at least annually, a Threat Assessment across our businesses, feeding into crisis management, risk management and business planning activities.
  • Participate in information sharing groups within and outside of financial services, as well as within the group.
  • Coordinate a periodic test of response capabilities across the group.
  • Define approaches to monitoring threats to staff and executives, ensuring their privacy is protected
  • Define approaches to monitoring threats to our customers and advisers, defining awareness materials that can be shared and maintained
  • Ensure active threats and their associated attack vectors are mitigated through vulnerability management and monitoring activities
  • Report on vulnerability/threat analysis and recommend appropriate control improvements
  • Ensure the accurate and timely release of vulnerability metrics.
  • Report on areas of non-compliance against Policy and/or Group Standards
  • Produce regular MI to support overarching governance frameworks
Business / Customer Engagement
  • Manage and participate in customer engagements concerning service offerings or discussions around threats.
Qualifications & Experience:
  • Undergraduate degree level education and/or relevant professional qualifications
  • At least one of the following certifications: CCNA Security, CISSP/SSCP/CISM, CEH, GSEC, GCIH
  • Extensive experience of implementing, monitoring and improving the threat and vulnerability management service of a financial services organisation.
  • Expert level understanding of both threat and vulnerability management services and information security
  • Detailed knowledge of system security vulnerabilities and remediation techniques.
  • Excellent technical comprehension of threat and vulnerability scanning solutions, systems and processes
  • Understanding of information/cyber security risk in financial services firms.
  • Knowledge of the key IT and change management processes and associated risks and controls within major financial services firms.
  • Knowledge of and ability to manage Windows, iSeries, Network Device, Database, Middleware, and Application vulnerabilities.
  • Working knowledge of security related technologies such as firewalls, WAFs, IDS/IPS systems, SIEM systems, network protocols, etc.
  • Knowledge of and ability to administer network and host-based security tools to include penetration testing and ethical hacking products.
  • Knowledge of and ability to manage vulnerability scans against a range of assets.
  • Knowledge and experience of the ISO27000 suite
  • A high-level understanding of security architectural design and network design
  • Investigation of security breaches and incident management