Vulnerability Analyst - Security Operations

Albany Beck are seeking a Vulnerability Analyst with a strong background in Security Operations to join our growing consultancy team and work on a critical programme of work for a leading global investment bank. This role is pivotal in ensuring the security and resilience of the bank’s systems by identifying, assessing, and mitigating vulnerabilities across a complex and dynamic IT landscape.

As a Vulnerability Analyst, you’ll be responsible for proactively analysing security threats and system vulnerabilities across the bank’s infrastructure. You’ll work alongside security engineers, architects, and SOC teams to ensure threats are swiftly identified and effectively mitigated. This role demands a keen analytical mindset, excellent communication skills, and deep knowledge of vulnerability scanning tools and remediation workflows in large-scale financial institutions.

Key Responsibilities:

• Conduct regular vulnerability assessments and penetration tests across applications, infrastructure, and cloud environments.
• Analyse security threats and vulnerabilities, providing risk-based recommendations to remediate or mitigate risks.
• Work closely with security, IT, and development teams to prioritise and address security weaknesses.
• Maintain and enhance vulnerability management processes, ensuring continuous monitoring and improvement.
• Perform vulnerability scanning, triage, and risk assessment across a broad range of systems, including cloud, on-prem, and hybrid environments.
• Coordinate with infrastructure and application teams to ensure timely and effective remediation.
• Collaborate with the Security Operations Centre (SOC) to correlate vulnerabilities with threat intelligence and incidents.
• Maintain and improve vulnerability management tooling and reporting frameworks.
• Contribute to security posture improvement through metrics, dashboards, and remediation tracking.
• Support governance and compliance initiatives related to vulnerability management.
• Track and report on remediation efforts, ensuring compliance with internal policies and industry regulations.
• Stay up to date with emerging threats, industry best practices, and regulatory requirements relevant to vulnerability management.

Key Skills & Experience:

• Proven experience in vulnerability management and Security Operations within a financial services.
• Experience working in or supporting a SOC or threat detection function.
• Strong knowledge of common vulnerabilities, exploits, and threat landscape.
• Understanding of security frameworks and standards such as NIST, ISO 27001, and CIS benchmarks.
• Ability to communicate security risks and mitigation strategies to both technical and non-technical stakeholders.
• Relevant certifications such as CISSP, CEH, OSCP, or GIAC (preferred but not required).