Parker Shaw logo
jobs board

Cyber Security Vulnerability Analyst – SC

Job title

Cyber Security Vulnerability Analyst – SC

Job description

Duration : Until 31/03/25

What you'll do

  • The primary focus of the role will be delivering core security operations of vulnerability management. Key outcomes from the role are the delivery of seamless vulnerability management service into infrastructure and business units, verifying the effectiveness of security measures.
  • As a cyber security vulnerability analyst, you will:
  • manage the operation and roll out of one or more vulnerability identification and assessment capabilities across on-premise and cloud-based IT estate and digital services
  • coordinate the triage and remediation of identified vulnerabilities using a risk-based approach, working closely with service teams and developers to ensure that appropriate mitigation measures are implemented
  • work closely with other teams to proactively reduce cyber security vulnerabilities
  • produce regular reporting which delivers insights on vulnerability management activities and the impact on cyber security risk
  • establish a detailed understanding of data security and architectures enabling the delivery of consistent security advice
  • define requirements for improving and expanding our security tooling
  • develop and update internal plans, processes, and knowledge base articles

Who you are

  • We're interested in people who have strong vulnerability management experience, including:
  • experience developing, implementing and operating vulnerability management capabilities using Tenable One
  • experience using a variety of sources of information to identify, analyse and report on relevant threats and vulnerabilities.
  • experience deploying, configuring and using vulnerability assessment (such as Tenable and the NCSC's Active Cyber Defence Toolkit) and Attack Surface Management tools
  • excellent stakeholder management skills
  • excellent verbal and written communication skills, and the ability to communicate technical security issues to both technical and non-technical stakeholders
  • experience with cloud environments such as AWS and Azure
  • It's also desirable that you have:
  • experience with bug bounty programmes and platforms
  • experience with digital brand protection
  • experience investigating and responding to cyber incidents
  • ability to work as part of a team in a multidisciplinary environment


This website uses cookies to ensure you get the best experience on our website. By continuing you agree to the terms as specified in our cookie policy