Vulnerability and Patching Product Owner
Role Description
The role ensures IT vulnerabilities are identified, evaluated, and mitigated in line with Local and Group policies, covering on-prem, cloud, network, application, and end-user devices. It involves developing and enhancing vulnerability and patch management processes, as well as standardizing patching and build procedures across all asset classes. The position includes regular reporting on vulnerability and patch status and forecasting future needs for senior stakeholders.
The role can be based anywhere in the UK, however, there is likely to be a requirement to work from the Guildford office approximately for 1-2 days per week, at least 6-8 days per month, and also a requirement to travel to other UK offices to attend meetings when required.
Salary Information
Pay is based on relevant experience, skills for the role, and location. Salary is only one part of our total reward package.
About You
* You will be ensuring regular vulnerability assessments of the organization’s IT systems and applications are conducted.
* Analysing and interpreting vulnerability scan results, prioritising risks, and recommending remediation actions.
* Collaborating with Onshore and Offshore outsourced IT, Application Owners, and security teams to develop and implement vulnerability management strategies.
* Monitoring and tracking the status of identified vulnerabilities and ensuring timely remediation.
* Maintaining a list of exempt devices with a remediation plan to bring back into specification.
* Staying up-to-date with the latest security threats, vulnerabilities, and industry best practices.
* Preparing and presenting vulnerability assessment reports to management and stakeholders.
* Assisting in the development and maintenance of security policies, procedures, and standards.
* Understanding technology interdependencies and their impact on vulnerability management.
* Embedding vulnerability management into the IT lifecycle, including development, deployment, maintenance, and decommissioning, ensuring vulnerability management is integrated at every stage.
* Managing and ensuring consistency of Configuration of servers and workplace devices to agreed standards including spot checks of actual configurations deployed.
* Managing 3rd party suppliers to deliver a vulnerability and patch management capability that meets AZ UK's ongoing requirements.
* Deep technical knowledge of security-relevant systems (e.g., Active Directory, Qualys Vulnerability Management, FireEye technology, ArcSight).
* Good technical knowledge of a broad range of IT solutions across on-prem, cloud, network, and end-user technologies.
* Good knowledge of business security requirements and their implementation.
* Understanding of technology interdependencies and their impact on security.
* Ability to analyse configurations and ensure they are aligned with policy.
* Strong Excel and PowerBI experience.
Qualifications
* Relevant certifications such as CISSP, CEH, or GIAC are preferred.
* Degree (preferred).
* Strong knowledge of vulnerability management tools and technologies (e.g. Qualys, Nessus).
* Experience with security frameworks and standards (e.g. ISO27001, NIST).
Experience
* Experience conducting risk assessments, especially from an information security and business continuity perspective.
* Experience of IT lifecycle management, including development, deployment, maintenance, and decommissioning.
* Experience of managing stakeholders across all levels and working with outsourced suppliers.
* Experience of creating and presenting executive summary reports.
* Experience of working in a heavily outsourced environment.
* Excellent analytical and problem-solving skills.
* Strong communication and interpersonal skills.
* Ability to work independently and as part of a team.
What We Will Offer You
Recognised and rewarded for a job well done, we have a range of flexible benefits for you to choose from, so you can pick a package that’s perfect for you. We also offer flexible working options, global career opportunities across the wider Allianz Group, and fantastic career development and training. That’s on top of enjoying all the benefits you’d expect from the world’s number one insurance brand, including:
* Flexible buy/sell holiday options.
* Annual performance-related bonus.
* Contributory pension scheme.
* A discount of up to 50% on a range of insurance products including car, home, and pet.
Our Ways of Working
Do you need flexibility with the hours you work? Let us know as part of your application and if it’s right for our customers, our business, and for you, then we’ll do everything we can to make it happen. Here at Allianz, we are signatories of the ABI’s flexible working charter. We believe in supporting hybrid work patterns, which balance the needs of our customers with your personal circumstances and our business requirements. Our aim with this is to help innovation, creativity, and you to thrive - Your work-life balance is important to us.
Diversity & Inclusion
At Allianz, we prioritize diversity and inclusion, demonstrated by our numerous accreditations: EDGE certified for gender inclusion, Women in Finance Charter members, Disability Confident employer, Stonewall Diversity Champion, Business in the Community’s Race at Work Charter signatories, and Armed Forces Covenant gold standard employer.
We embrace neurodiversity and welcome applications from neurodivergent and disabled candidates, offering tailored adjustments to ensure your success.
We encourage our employees to advocate for their needs, whether it’s assistive technology, ergonomic equipment, mentoring, coaching, or flexible work arrangements.
Accessible Application for All
As part of the Disability Confident Scheme, we support candidates with disabilities or long-term health conditions through the Offer an Interview Scheme, for those meeting the essential skills for the role.
Contact our Resourcing team to opt into this scheme or for assistance with your application, including larger text, hard copies, or spoken applications.
For any inquiries or to submit your application, please contact: Scott Burns.
If you are an at-risk candidate facing potential redeployment, please include this information in your CV.
We reserve the right to close the ad early if we reach enough applications.
#J-18808-Ljbffr