We have a current opportunity for a Vulnerability Manager on a contract basis. The position will be based in Watford. For further information about this position please apply.
Vulnerability / Patching Manager - 12 month contract
Purpose of Role:
This is a 12 month FTC role, initially. We have a hybrid-working model at but this role will require some office-working in Watford on a regular basis. This will be a first line of defence role that sits in Service Operations but will have a close working relationship with the information security team. This role is subject to Gambling Commission vetting.
- To ensure that security patching across the full IT stack is planned and executed in accordance with our patching policy, to decrease security risk
- Working closely with the Technical SMEs in Desktop, Infrastructure, Application and Information Security teams to ensure findings from our automated vulnerability scanning and other vulnerabilities that impact but are not identified by automated vulnerability scanning are actioned and tracked through to resolution
- Implement vulnerability mitigations with minimal impact on services by developing the engagement framework necessary.
- Own the Technology patching procedure documents
- Provide regular updates and reporting to the Technology leadership team
- Primary user of Cyber Risk reporting & risk tools (Lumin, Security Centre)
- Coordinate multiple technology owners and teams in their mitigations efforts
- Manage the end-to-end lifecycle for mitigations of security vulnerabilities and act as the point of contact between technical teams, departments & suppliers.
- Holds responsibility for developing and implementing plans to address major vulnerabilities that affect multiple technological and business areas until the risks can be contained and assessed.
- Support full spectrum attack surface reduction efforts, identifying misconfigurations, security hardening opportunities and similar. Helping to test and implement appropriate solutions.
Organisational Competencies
Expertise: Business Expertise Is skilled in working in a similar highly technical team with knowledge across multiple IT teams
Delivering Solutions: Problem Solving Recognises and solves typical problems that can occur in own work area, without supervisory approval; Typically finds solutions in existing procedures and precedents
Impact: Influence Makes decisions related to own work; Receives regular but moderate supervision and guidance
Impact: Customer Focus Responds to non-standard requests from internal and/or external customers; investigates with assistance from others as needed
Delivering Solutions: Continuous Improvement & Process Highlights new opportunities to continuously improve current working practices within own team
Skills & Experience:
- Strong proven vulnerability and patch management experience in a Blue Chip organisation
- Working knowledge of Windows server and end user patching (tools and practices), namely Security Centre (Tenable), SCCM, JAMF & VMware (workspace one)
- Experience within a technical function defining and achieving KPI and SLA/OLA targets
- Must demonstrate gravitas and ability to take ownership of patching challenges through to conclusion
- Excellent communication and influencing skills
- Strong supplier and stakeholder management skills
