Vulnerability Lead

Vulnerability Lead - Hybrid (Manchester)

Harvey Nash is currently recruiting for an exciting permanent role with a client of ours, a leading public sector organisation who are currently undergoing lots of change and transformation. The successful candidate will play a crucial role in defending our systems by identifying weaknesses in our digital assets and implementing measures to enhance security.

This role involves providing operational leadership in all aspects of vulnerability management, including identifying, assessing, prioritizing, and managing vulnerabilities to support risk management.

The role:

1. Conduct daily technical activities to identify, assess, categorize, prioritize, remediate, and manage vulnerabilities across digital assets and environments.
2. Validate vulnerability alerts by collaborating with teams to understand business impacts.
3. Produce threat-informed vulnerability reports and assessments, offering remediation strategies and solutions.
4. Lead and coordinate vulnerability activities, including monitoring and configuring scans.
5. Oversee the delivery of our vulnerability management program, focusing on identification, remediation, and performance monitoring.
6. Utilize automated approaches and methodologies to enhance team efficiency and effectiveness.
7. Regularly review and refine vulnerability management processes, procedures, and technologies to improve efficiency and effectiveness.
8. Analyse cyber defence policies and configurations, ensuring compliance with regulations and organizational directives.
9. Perform technical evaluations of technology, risk, and vulnerability assessments in relevant focus areas (eg, local computing environment, network and infrastructure, enclave boundary, supporting infrastructure, and applications).
10. Produce, improve, and maintain technical documentation for effective system management.

The candidate:

• Significant practical experience as a vulnerability analyst/lead within the Cyber Operations domain.
• Strong knowledge of vulnerability management practices and relevant regulations (eg, GDPR, NIST, ISO 27001).
• Hands-on experience with vulnerability management platforms.
• Extensive experience in writing vulnerability reports and assessments.
• Proven ability to provide excellent customer service, meeting the needs of internal and external customers.
• Understanding of the Cyber Kill Chain and MITRE ATT&CK techniques, with familiarity with common and latest forms of malware.
• Experience working within hybrid infrastructure environments, including on-premises and cloud (PaaS, SaaS, IaaS), with a focus on Microsoft Azure.
• Awareness of the latest security and technological developments, integrating them into work.

• Good technical security knowledge based on at least 3 years of practical experience, including:

• Microsoft Windows, 365, and Azure technologies.
• Familiarity with product sets such as Rapid7 and Microsoft Defender for Endpoint.

Please apply now or contact me directly for a confidential conversation:

Email - (see below)

Vulnerability Lead - Hybrid (Manchester)