Senior Attack Surface Remediation Analyst | S | Milton Keynes | T&DCountry: United Kingdom
Interested in part-time, job-share or flexible working ? We want to talk to you!
Join our community.
The difference you’ll make:
1. Managing deliverables which are closely coordinated with and integrated across all UK CISO functions for strategy development, continuous learning and awareness, reporting, innovation, service development and business / rd party engagement
2. Delivering solutions to reduce the attack surface of UK assets from analysis of cyber metrics
3. Reporting of detailed findings, exploitation procedures and mitigation techniques and to effectively communicate with stakeholders.
4. Providing regular updates to stakeholders at all levels
5. Ensuring continuous operations for core capabilities: threat identification and monitoring, vulnerability lifecycle, critical vulnerability triage, risk reporting, and consultation on mitigation techniques
6. Analysing cyber metrics to identify, prioritise and remediate root cause to reduce attack surface
What you’ll bring:
7. Ability to design and execute scenario-based tests tailored to the firm’s infrastructure and practices.
8. Expert project management (technical) experience preferably within cyber security
9. Experience in application vulnerability assessment and management, able to accurately assess the potential impacts of security flaws and involve technical teams accordingly.
10. Good understanding of vulnerability analysis in the context of the most common infrastructure models (on-prem DC infrastructure & DMZ, cloud IaaS/PaaS, Enterprise SaaS)
11. Ability to manage external service providers and internal customers in the context of a high-pressure environment towards positive security outcomes.
12. Solid knowledge of common vulnerabilities and exposures (CVEs), common attack vectors, and security best practices.
It would also be nice for you to have:
13. Enterprise solutions architecture practitioner, aware of best practice patterns, deviations, and compensatory controls
14. Relevant industry certifications highly desirable e.g. ISACA, (ISC)², GIAC etc
15. Understanding of security configuration baselines to comply with CIS Benchmarks and similar requirements.
16. Stay up-to-date with the latest trends and developments in the field of cybersecurity, specifically related to attack surface reduction techniques.
What else you need to know:
We want our people to thrive at work and home, and we recognise that many people benefit from flexible arrangements. To enable us to deliver the best outcomes for our customers and to help each other develop we understand the importance of having the right balance of spending time together in an office while maintaining flexibility.
By working this way we can continue to create moments that matter for everyone. To support this, we offer site-based contracts with a hybrid working pattern and we’re happy to discuss specific requirements throughout the recruitment process.
This role is based in Milton Keynes and our current expectation is at least days in an office every week.
If you’re interested in this role but with part time hours or a job-share we would still love to hear from you and discuss these.
Application process
If your application is successful a member of our recruitment team will be in touch. We will arrange a short call with you to learn more about you and what you are looking for from your next career move, as well as answer any questions you have about working in the Santander tech team. If both sides agree we will send your CV to the hiring manager to review. For this position, the interview process will be :–
st Stage – Technical Interview – this will a min technical interview with one of the team
nd Stage – A one-hour formal interview where we will ask both technical and competency-based questions. This can be done virtually or face to face depending on your situation.
If there’s anything we can do in the recruitment process to help you achieve your best, please let us know.
Inclusion
At Santander we’re creating a thriving workplace where all colleagues feel they belong and are supported to succeed. We all help to make Santander a workplace that celebrates diversity and attracts, retains and develops the most talented and committed people through living our values of Simple, Personal, and Fair.
How we’ll reward you.
As well as a salary, you’ll enjoy a benefits package that you can tailor to your needs.
17. Eligible for a discretionary performance-related annual bonus
18. We put % of salary into your pension, even if you don’t contribute yourself. We’ll pay in up to .% of salary, if you contribute as well, and you can take some of our contribution in cash if you prefer.
19. days’ holiday plus bank holidays, which increases to days after yrs service, with the option to purchase up to contractual days per year
20. £, car allowance per year
21. Company funded individual private medical insurance
22. Voluntary healthcare benefits at discounted rates such as private medical insurance for your family, dental insurance, healthcare cash plan and health assessments
23. Benefits supporting you and your family, such as death-in-service benefit, income protection, and voluntary life assurance and critical illness cover
24. Share in Santander’s success by investing in our share plans
What to do next: