Location: Newbury + *Hybrid
Working hours: Full time hours per week – Mon to Fri
Salary: Excellent basic salary plus bonus and Vodafone benefits
*Hybrid
At Vodafone UK we believe that through collaboration and connection with our colleagues we can achieve great things. Our hybrid working approach allows our people to work both in the office and at home, providing the flexibility and resources you need to succeed in your role. We don't require you to be in on specific days; instead, we ask people to come into the office 2-3 days each week, on average 8 days a month. Our “Office in a Box” home working kit will provide you with everything you need, no matter where you are.
Who We Are
At Vodafone UK, diversity isn’t just a buzzword, it is core to who we are as a company. We’re proud to be certified as a Great Place to Work and are committed to driving inclusion for all; creating a workplace that is fully representative of the communities and customers we serve.
What you’ll do
As the Vulnerability Management Team Specialist, you will be responsible for driving risk reduction across the Vodafone UK estate as well as acting as the lead on topics such as hardening compliance, Security Patching and Vulnerability Mitigation. Your role will be to understand the needs of key technical stakeholders to identify methods and solutions for the purpose of remediating vulnerabilities using industry best practices. As well providing subject matter expertise you will also be expected to have a broad awareness and understanding of new and emerging vulnerabilities and threats that could impact Vodafone.
Main responsibilities :
1. Lead the vulnerability management function for Vodafone UK
2. Lead day-to-day vulnerability management activities such as scanning, tracking, and reporting.
3. Identify best practice around vulnerability remediation.
4. Rollout security hardening and vulnerability mitigation.
5. Working with Risk functions to identify risk and actions for mitigation/ resolution
6. Assess existing risk and control gaps by reviewing incident reports, problem management and vulnerability management findings and security audits
7. Develop, measure, and analyse Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs), to design and generate metric reports and develop our own scheduling platform to streamline coordination activities.
8. Develop and grow the vulnerability management team providing mentoring, coaching and development opportunities.
9. Lead the Telecommunications Security Act implementation for the Vulnerability Management function.
10. Lead and present on behalf of Vulnerability Management for internal and external (inc customer) audits
11. Communicate fluently orally and in writing, and present complex technical information to both technical and non-technical audiences
12. Facilitate positive collaboration between global stakeholders who share common objectives
13. Be a Vodafone Cyber remediation champion
14. Encourage Secure by Design principles
Who you are
15. Leading Experience of Vulnerability Management & Penetration Testing.
16. Expert knowledge of vulnerability scanning toolsets Qualys, Tenable or Rapid7
17. Expert knowledge of pathing toolsets including TrueSight, Red Hat Satellite and IBM BigFix,
18. Leading knowledge of information security management and cyber security principles
19. Project management experience
20. Solid understanding of networking concepts
21. Solid understanding of IT concepts including serverless and containerisation
22. Familiarity with programming/scripting languages
23. The ability to communicate fluently orally and in writing
24. Experience of working in agile and fast paced pressured environments
25. Experience of devising, visualising and presenting Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs)
26. The ability to build great working relationships and are culturally sensitive and socially flexible in a global corporate environment
27. Security related industry accreditations such as ITIL, GIAC, CREST, CISM, CISSP (desirable but not essential)