Cybersecurity Risk Analyst

Cyber Vulnerability Management Analyst

Fixed Term Contract (Maternity Cover) 18 months

Our Client is a globally recognised, successful bank who provide world-class services to various institutions and individuals. Offering a comprehensive range of retail and corporate financial services/products, this thriving business boasts over 10 million active customers in over 700 business locations. Due to business requirements, we are now looking to acquire the services of an experienced Senior Compliance Officer, Monitoring & Assurance.

Please note that this is a hybrid role with 3 days in the office and 2 days working from home.

Key Responsibilities:

In this fixed term contract role, you will be part of the team supporting the IT & Cyber Security Manager to plan and deliver our business strategy in line with our long-term goals.

The role of Cyber Vulnerability Management Analyst is to deal with all remediation work in relation to identified vulnerabilities inclusive of patch testing and implementation within SLA. The job holder will work very closely with all third-party vendors involved in the remediation process. The job holder will also prepare the necessary MI/Dashboard reports for the relevant stakeholders and alleviate the workload of the IT Service desk function when required.

The primary responsibilities of the role is to perform daily assessment of vulnerabilities identified by internal and external scans. Evaluate, risk assess and rate the results of the scan, prioritise all vulnerabilities discovered and remediate/patch within the established remediation timeline(s)/SLA. The role also requires the job holder to work closely with the SMEs/vendors of the relevant systems. Understanding of cloud technologies such as Azure/Amazon Web Services and Oracle Cloud Infra is essential.

Key Skills/Experience:

• Essential: Bachelor’s degree, preferably in Computer Science, Cyber Security or Cyber Security Professional Qualifications/Certifications
• Desirable: General understanding of IT Security principles, standards and regulations (e.g. ISO 27001, NIST, CIS, PCI DSS and GDPR)
• CISM/CISSP
• Patch Management Applications, EDR/XDR systems. Antivirus, NAC - Forescout
• Vulnerability Scanning Tool e. Tenable One, Qualisys
• Knowledge of vulnerability scoring systems (CVSS/CMSS)
• Incident/Response & Forensic Management Skills
• IT Technical Admin Support - Azure, Oracle Cloud Infrastructure (OCI Cloud)
• Microsoft Windows Support & administration, CE+, ISO27001
• Email and Information Security Filtering/Monitoring Solutions, Egress
• Hands on experience on Linux and Mac Administration Support
• Good understanding of Windows and Linux patching