Role: Vulnerability Management Lead
Contract Length: 12 months
Location: Hybrid/London, Manchester or Bristol - 2-3 days in the office required
IR35: Inside
Pay Rate to Intermediary: £550 per day
Security Clearance: SC requested
Spinwell is recruiting for a Vulnerability Management Lead for an excellent opportunity within the public sector.
RESPONSIBILITIES OF THE VULNERABILITY MANAGEMENT LEAD
Broaden the capability of the Domains Team. Currently the team has expertise around domains-related vulnerabilities. The Vulnerability Management Lead will develop this expertise such that the Team can help stakeholders deal with vulnerabilities found in the infrastructure, tools and services that public sector bodies commonly use in the development and delivery of their own digital services.
Enable the Domains Operations Team to quickly classify and triage vulnerabilities at scale, according to priority.
Help public sector bodies understand, assess and act on the vulnerability information they receive.
Help public sector bodies plan and prioritise how vulnerabilities are addressed to meet organisational objectives, using a risk-based approach.
Help public sector bodies improve their vulnerability management life cycle.
Proactively identify and leverage threat intelligence sources to inform strategic vulnerability mitigation measures and to enhance the quality and type of data provided to customer organisations.
Help create a knowledgebase of written guidance to help stakeholders manage, prioritise and fix their vulnerabilities.
Develop and maintain good working relationships with stakeholders across the public sector to accelerate the reduction of risk through the fixing of vulnerabilities.
Identify improvements to be made, specifically, and generally, identifying common problems and solutions across multiple organisations.
Work with the Domains Team to design and deliver effective services that meet user needs and are measurable through meaningful KPIs.
Work closely with the Government Cyber Coordination Centre (GC3), the UKs governments focal point for cross government collaboration on operational cyber security.
Work with the service owner to improve the quality of the data we share with public sector bodies.
Work with the service owner and customer organisations to identify gaps in our monitoring capability and improve and expand the scope of the vulnerability data we can provide.
SKILLS/EXPERIENCE OF THE VULNERABILITY MANAGEMENT LEAD
Expert knowledge of the security advantages and vulnerabilities of commodity products and technologies.
Good working knowledge of current cyber security threats, risks.
Experience in performing risk assessments, including business impact assessment, threat assessments and vulnerability (control gaps) assessments.
Experience in developing security advice guidelines and specific mitigation advice, aligning these with business risk in a proportionate way.
Experience in training and developing the people in the team around them.
Extensive experience in specifying and deploying security technical controls and developing design patterns based on solid understanding of security design principles.
Good working knowledge of the marketplace of cyber security products and services and experience of identifying and evaluating potential options to improve a service.
Good working knowledge of cloud computing architecture and related technologies.
Ability to interact with a broad cross-section of personnel to explain and encourage the implementation of security measures
Relevant industry qualifications and accreditations e.g. Certified Cyber Professional (CCP), Certified Information Systems Security Professional (CISSP), ISO27001 Lead Implementer
If you are a Vulnerability Management Lead, apply now or send your CV to Spinwell!
We welcome all applications regardless of background, in line with our commitment to diversity, equality and inclusion.
Applying to this or any other vacancy advertised by Spinwell Ltd constitutes an agreement for Spinwell Ltd to hold your details for 24 months for the purpose of assessing suitability for the advertised position and to make you aware of any other positions deemed suitable of which You will make you aware by means of either email, text or phone. In line with GDPR regulations you are able to request your details be removed from the company data at any time by emailing us
TPBN1_UKTJ