Vulnerability Analyst

Candour Solutions
North Yorkshire
5 days ago
Create job alert
Job Description – Vulnerability Analyst
About Hiscox:

At Hiscox we care about our people. We hire the best people for the work, and we’re committed to diversity and creating a truly inclusive culture, which we believe drives success. We embrace hybrid-working practices, balancing the ability to work remotely with the culture and energy we experience when we are face-to-face in our offices. Our focus on collaboration and cross‑functional working is supported with virtual tools that minimise physical travel, hot‑desking neighbourhoods that create a physical sense of community and Team Charters that our teams co‑create to set out how they’ll work together. This modern way of working has contributed to impressive employee engagement scores across Hiscox and means we’re delivering even better solutions for our Hiscox Colleagues. As an international specialist insurer we are far removed from the world of mass market insurance products. Instead we are selective and focus on our key areas of expertise and strength - all of which is underpinned by a culture that encourages us to challenge convention and always look for a better way of doing things. We insure the unique and the interesting. And we search for the same when it comes to talented people. Hiscox is full of smart, reliable human beings that look out for customers and each other. We believe in doing the right thing, making good and rebuilding when things go wrong. Everyone is encouraged to think creatively, challenge the status quo and look for solutions. Scratch beneath the surface and you will find a business that is solid, but slightly contrary. We like to do things differently and constantly seek to evolve. We might have been around for a long time (our roots go back to 1901), but we are young in many ways, ambitious and going places. Some people might say insurance is dull, but life at Hiscox is anything but. If that sounds good to you, get in touch. You can follow Hiscox on LinkedIn, Glassdoor and Instagram (@HiscoxInsurance).


Key Responsibilities:

  • Support and deputise (where applicable) for the TVM lead across all strategic and operational activities.
  • Support and play an active role in future TVM release cycles achieving full estate coverage and configuring additional Tenable modules.
  • Create TVM standard operating procedures to support release cycles and BAU activity.
  • Analyse and prioritise the outputs from TVM platforms and translate into mitigation actions for our Fusion Centre CI/CD pipelines.
  • Perform routine vulnerability assessments of our infrastructure and applications working with the group functions and business unit technology teams to resolve vulnerabilities and configuration weaknesses inline with defined SLAs.
  • Track open security weaknesses and vulnerabilities of concern in our estate and manage them through the lifecycle to closure.
  • Support in-flight security incidents by providing insight into our vulnerability exposure and what potential threat vectors a malicious actor may be trying to target.
  • Experience of working across multi‑cloud environement and resolving vulnerabilities and weaknesses across all.

Candidate Profile:

  • 1 to 3+ years’ experience in a cyber analyst role, preferably with a focus on TVM technologies.
  • Excellent working knowledge of the vulnerability management lifecycle.
  • Excellent analytical skills with the ability to work under own initiative.
  • Experience of working in a fast‑moving environment.
  • Good Tenable One product knowledge.
  • Good communication skills.
  • Good presentation and report writing skills.
  • BSc or MSc in Cybersecurity is desirable.
  • Industry recognised qualifications such as CompTIA PenTest+ and GIAC GPEN are desirable.


#J-18808-Ljbffr

Related Jobs

View all jobs

Vulnerability Analyst

Security Analyst - Dublin

Cyber Assurance Officer

Information Security Analyst - Law Firm

Business Analyst - Operational resilience - Banking

IT Information Security Analyst - Compliance

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs

How to Write a Cyber Security Job Ad That Attracts the Right People

Cyber security is now a board-level priority for organisations across the UK. From financial services and healthcare to critical infrastructure, SaaS platforms and the public sector, demand for skilled cyber security professionals continues to grow. Yet despite this demand, many employers struggle to attract the right candidates. Cyber security job adverts often generate large volumes of applications, but few are a genuine match. Meanwhile, experienced security engineers, analysts and architects quietly ignore adverts that feel vague, unrealistic or disconnected from real security work. In most cases, the problem is not a lack of talent — it is the quality of the job advert. Cyber security professionals are trained to assess risk, spot weaknesses and question assumptions. A poorly written job ad signals organisational immaturity and weak security culture. A well-written one signals seriousness, competence and trust. This guide explains how to write a cyber security job ad that attracts the right people, improves applicant quality and positions your organisation as a credible security employer.

Education Jobs

Maths for Cyber Security Jobs: The Only Topics You Actually Need (& How to Learn Them)

If you are applying for cyber security jobs in the UK it can feel like “real security people” must be brilliant at maths. The reality is simpler: most roles do not need degree-level pure maths. What they do need is confidence with a small set of practical topics that show up repeatedly in day-to-day work across SOC, incident response, cloud security, AppSec, threat detection, IAM & security engineering. This guide strips the maths down to what actually helps you get hired. It includes a 6-week learning plan plus portfolio projects you can publish to prove the skills. You will focus on: Number systems & bitwise thinking (binary, hex, bytes, XOR) Modular arithmetic basics (enough to understand how modern crypto “works”) Probability & statistics for detection, triage & risk Discrete maths for logic, sets, graphs & complexity Security maths habits: estimation, false positive control & evidence-led reporting You will not waste time on heavy theory that rarely appears in junior or mid-level cyber security roles.

Jobs

Neurodiversity in Cyber Security Careers: Turning Different Thinking into a Superpower

Cyber security is all about thinking like an attacker, spotting unusual patterns, protecting systems & responding calmly when everything looks like it’s on fire. It’s a discipline built on curiosity, persistence & noticing things other people miss. That’s exactly why it can be such a good fit for many neurodivergent people. If you live with ADHD, autism or dyslexia, you may have been told your brain is “too distracted”, “too literal” or “too disorganised” for a security role. In reality, the traits that can make traditional office work tough often line up beautifully with cyber security work – from hyperfocus in incident response to meticulous analysis in threat hunting. This guide is written for cyber security job seekers in the UK. We’ll look at: What neurodiversity means in a cyber context How ADHD, autism & dyslexia strengths map to different security roles Practical workplace adjustments you can ask for under UK law How to talk about neurodivergence during applications & interviews By the end, you’ll have a clearer sense of where you might thrive in cyber security – & how to turn “different thinking” into a genuine superpower.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.