Bertelsmann
International media company and its divisions; information for all interested people, journalists, and applicants; financial data and business details.
Are you ready to play a pivotal role in safeguarding Penguin?
Our Security Operations team, an integral part of the Technology and Information Security community here at Penguin, is recruiting for a Threat & Vulnerability Manager. Our Security Operations team, located across London and Essex, is dedicated to monitoring and protecting the security and integrity of our systems against technical risks, which aim to preserve the values and reputation of the Penguin brand.
You will step into a senior role where your expertise will shine as you support the Head of Security Operations in fortifying our cyber defenses. As the Threat & Vulnerability Manager, you'll be at the forefront of maintaining and enhancing our cyber security landscape through swift and effective threat assessments and remediation processes. Your work will be pivotal in minimizing business disruption, safeguarding our reputation, and protecting our consumers from the risks posed by unpatched or vulnerable systems. You'll lead the charge in driving continuous improvement in our threat and vulnerability management, collaborating extensively with diverse stakeholder groups across the business.
Responsibilities
1. Ensure vulnerability detection and remediation controls are properly configured and effective.
2. Quickly assess new vulnerabilities and lead efforts to resolve or mitigate them based on severity and applicability.
3. Act as the product owner for enterprise VM tools, collaborating with infrastructure and security architects.
4. Lead the team in driving continuous improvements in vulnerability management processes.
5. Co-ordinate penetration test remediation activity and provide qualitative reviews of proposed resolutions.
6. Develop processes and procedures to maximize our use of multiple threat intelligence feeds.
7. Provide guidance on vulnerability management and mitigation across endpoints, servers, networks, and applications.
8. Collaborate with internal and external teams to enhance our security posture through effective vulnerability remediation.
9. Produce regular metrics and KPIs to track vulnerability trends and priorities and produce regular informed threat intelligence reporting.
10. Oversee BAU vulnerability management processes managed by our Security Operations or our MSSPs.
11. Drive technical integrations between VM platforms to enhance automation and threat intelligence.
Requirements
1. Demonstrable experience using VM tools at an enterprise level and leading VM programs.
2. Experience with patch management processes.
3. Broad and deep vulnerability knowledge across Infrastructure, Cloud, Applications, and Networks.
4. Ability to build and maintain collaborative relationships with stakeholders, advocating for risk-based vulnerability management.
5. Good understanding of Web Application Security frameworks, common vulnerabilities, and remediations.
6. Excellent administrative and multitasking skills.
7. Strong stakeholder management skills with experience utilizing security-related KPIs and executive reporting.
8. Effective relationship-building skills to form partnerships with diverse teams.
9. Excellent verbal, written, and interpersonal communication skills, with the ability to explain technical information to non-technical colleagues.
10. An agile mindset, focused on delivery and achieving regular incremental successes.
11. A commitment to professionalism, setting high personal standards, and leading by example.
12. High energy, drive, and ownership for improving technical security controls.
About Security Operations
The Security Operations team is part of the wider Information Security community across Penguin Random House UK, ensuring our systems are monitored and protected against technical risk. Our Security Operations team are based in London and are part of our larger Technology division based across London and Essex.
About Technology
Following the successful completion of our recent technology, data and process merger, our Technology division is charging ahead with our strategic plan to amplify the voices of our organization. This includes leveraging the potential of Cloud solutions, continuously enhancing our security measures, revitalizing legacy applications, and enhancing our interactions with strategic partners and suppliers. Our Technology Division spans across two vibrant office locations in London and Colchester, where approximately 200 colleagues are dedicated to empowering our mission – we make books for everyone, because a book can change anyone.
Our Approach to Hybrid Working
While our offices are places for you to connect, collaborate, and celebrate with colleagues, having flexibility about where you work is just as important for doing your best work and for your wellbeing. So, we don’t have a one-size-fits-all approach when it comes to how we work across Penguin Random House UK. For this role, there are regular weekly meetings and activities that you will need to attend in person mainly at our offices in London weekly. Outside of these moments, you can choose to work remotely.
Application Process
Please apply with your CV by 11:59 PM on Thursday 24th October. We anticipate a two-stage interview process which will include a virtual first-stage interview and in-person second stage interview.
What You Can Expect From Us
Salary: £65,000 - £70,000 dependent on how your skills and experience align to the role, plus bonus and benefits.
Our people are the heart of our business, and we work hard to support a culture of responsibility and recognition. Our benefits include:
* Financial – income protection, life assurance, childcare allowance
* Wellbeing - healthcare cash plan, critical illness cover, health checks
* Lifestyle – enhanced parental leave, tech scheme, free and discounted books
As a Disability Confident Committed organization, we're part of the offer an interview scheme. This is where disabled applicants who meet the essential criteria for the role can opt in to get to the next recruitment stage. There may be some situations where the volume of applicants means we can't take all eligible candidates to interview.
We encourage you to tell us about any reasonable adjustments you may need by emailing PRHCareersUK@penguinrandomhouse.co.uk. Remember, you only need to share what you are comfortable to for us to support your request.
Please note, we are not able to accept agency CVs for this role. Any CVs sent speculatively will not be eligible for a fee.
#J-18808-Ljbffr