Cyber Threat and Vulnerability Manager

  • Job reference: 26005
  • Location: City of London
  • Job type: Permanent
  • Start date: Not specified
  • Contact: Not specified
  • Sector: Information and Cyber Security
  • Salary: £70000 - £80000 per annum
Threat and Vulnerability Manager needed to join the CISO team based in London.
As a Threat and Vulnerability Manager you will assist the Chief Information Security Officer by effectively identifying, quantifying and managing cyber vulnerabilities across the group. This role will be responsible for the implementation and management of threat and vulnerability capabilities, interfacing with appropriate teams across the businesses to ensure appropriate remediation plans are defined and implemented.
Key Responsibilities:
  • Supporting the development and implementation of the Threat and Vulnerability Management framework
  • Spearhead efforts to support businesses in developing their own processes and procedures as required
  • The development of communications to promote and maintain awareness of current threats and vulnerabilities across all businesses
  • Act as escalation point for all threat and vulnerability events
  • Aggregate all threat and vulnerability information to:
      • Provide a consolidated view across the group
      • Provide actionable intelligence to businesses and track their action plans
Vulnerability Assessments/Management
  • Ensure effective vulnerability scanning of infrastructure, code, and applications within both corporate and 3rd party environments
  • Define minimum standards in relation to vulnerability management, monitoring compliance across the businesses
  • Research and investigate new and emerging vulnerabilities, to include Zero Day events, and participate in external security communities, sharing findings across the group
  • Ensure the successful completion and recording of scanning activities
  • Support the assessment of identified vulnerabilities to prioritise remediation based on risk and exposure
  • Track remediation activities to completion, validating the effectiveness in mitigating the risk
  • Interface with peers and leaders across the businesses to both share the corporate security vision and solicit their involvement in achieving a higher level of enterprise security
Threat Intelligence
  • Define minimum standards in relation to threat management, monitoring compliance across the businesses
  • Ensure threat management encompasses external and internal threat sources, helping to identify current and future threats to the Group.
  • Perform, at least annually, a Threat Assessment across our businesses, feeding into crisis management, risk management and business planning activities.
  • Participate in information sharing groups within and outside of financial services, as well as within the group.
  • Coordinate a periodic test of response capabilities across the group.
  • Define approaches to monitoring threats to staff and executives, ensuring their privacy is protected
  • Define approaches to monitoring threats to our customers and advisers, defining awareness materials that can be shared and maintained
  • Ensure active threats and their associated attack vectors are mitigated through vulnerability management and monitoring activities
Reporting
  • Report on vulnerability/threat analysis and recommend appropriate control improvements
  • Ensure the accurate and timely release of vulnerability metrics.
  • Report on areas of non-compliance against Policy and/or Group Standards
  • Produce regular MI to support overarching governance frameworks
Business/Customer Engagement
  • Manage and participate in customer engagements concerning service offerings or discussions around threats.
Qualifications & Experience:
  • Undergraduate degree level education and/or relevant professional qualifications
  • At least one of the following certifications: CCNA Security, CISSP/SSCP/CISM, CEH, GSEC, GCIH
  • Extensive experience of implementing, monitoring and improving the threat and vulnerability management service of a financial services organisation.
  • Expert-level understanding of both threat and vulnerability management services and information security
  • Detailed knowledge of system security vulnerabilities and remediation techniques.
  • Excellent technical comprehension of threat and vulnerability scanning solutions, systems and processes
  • Understanding of information/cyber security risk in financial services firms.
  • Knowledge of the key IT and change management processes and associated risks and controls within major financial services firms.
  • Knowledge of and ability to manage Windows, iSeries, Network Device, Database, Middleware, and Application vulnerabilities.
  • Working knowledge of security related technologies such as firewalls, WAFs, IDS/IPS systems, SIEM systems, network protocols, etc.
  • Knowledge of and ability to administer network and host-based security tools to include penetration testing and ethical hacking products.
  • Knowledge of and ability to manage vulnerability scans against a range of assets.
  • Knowledge and experience of the ISO27000 suite
  • A high-level understanding of security architectural design and network design
  • Investigation of security breaches and incident management