Vulnerability Management Analyst

4 days ago

London, Greater London, United Kingdom ION Group Full time £100,000 - £120,000 per year
The Role:
The Vulnerability Management Analyst is a global role within ION's central services division and will support the Group Security strategy and operational excellence through the identification, mitigation and remediation of information security vulnerabilities, misconfigurations and risks to the business. This role reports to the Vulnerability Management Manager who reports to the Global Head of IT Security.
As a member of the ION Security team, you will build and lead a team of Security professionals specialising in Vulnerability Management along with managing the partners and technology vendor deliverables and of course building and owning the strategy to deliver a world class Vulnerability Management program. The candidate must understand their role in the broader vulnerability management program and your team will regularly perform discovery scanning, risk/exposure assessments, mitigation support activities, continuous validation assessments, and lessons learned workshops and improvement projects to continuously improve our process across Group Security and all other Verticals.
We are looking for a diligent, dedicated, creative and motivated individual. Excellent communication skills are a must, and the role holder will be expected to cultivate working relationships with other teams and colleagues of varying technical ability. The role would suit a technically strong candidate with an extensive cybersecurity background, at least 5+ years working in a security role, with focus on Vulnerability Management. Key Responsibilities:
  • This role may require work-out of hours in support of 24x7 globally coordinated operation
  • The primary responsibilities of this role are to:
  • Personnel Management
  • Align deliverables and objectives to OKRs
  • Be the escalation point for security Tooling issues and critical security breaches
  • Protect and defend:
  • Manage Vulnerability Management tooling to ensure coverage/availability/efficacy
  • Drive improvements and feature enhancement to ensure ROI
  • Operate and maintain:
  • Configure, tune, maintain & operate key vulnerability management controls
  • Management reporting – real-time metrics and scheduled reports
  • Drive process/procedure changes accordingly
  • Ensure quality of ticketing & runbook maintenance
  • Cultivate and maintain strong vendor relationships
  • Have an attitude of continuous improvement
  • Participate in CAB, Tool review or Architecture Review Boards (ARBs)
  • As a member of the ION IT Security Team, it is expected that the person in this role will:
  • Execute ongoing, operational business-as-usual (BAU) tasks to meet management-defined KPIs and SLAs, and deliver security projects in line with management-defined priorities and deadlines
  • Stay current with the latest security news, threats, intelligence, tactics, techniques, and vulnerabilities. Research and analyze new threats and vulnerabilities to determine exposure.
  • Assist and/or lead efforts to isolate, contain, respond to, and recover from security incidents
  • Identify, review, prioritize, plan, coordinate, and follow-up on the remediation of vulnerabilities
  • Define, document, and follow approved processes for all the responsibilities included in this job description. Create and maintain documentation for systems, including design and operation
  • Review vulnerability management systems, configurations, and processes to ensure and report on compliance with ION policy, client requirements, audit controls, regulations, and industry best practices. Provide best practice security recommendations to IT and other teams within ION, based on review results
Experience, Skills and Qualifications:
  • Degree/diploma/certifications in a technology-related field and/or relevant working experience; highly desired certifications include:
  • Security+, CCSP, CEH, GCIH, GMON, CASP, or CISSP
  • Minimum of 5 years' experience in Vulnerability Management within large organizations
  • Excellent track record of building a Vulnerability Management program on a global scale with knowledge on vulnerability assessments, remediation and mitigation activities
  • Technical Security/Engineering/Compliance background with a previous track record of building risk management framework and applying to an existing vulnerability management program
  • Strong technical expertise in implementing a Prioritization formula to vulnerabilities and misconfigurations and translating these into risks
  • Excellent knowledge of Vulnerability Management frameworks such as NIST/SANS
  • The following general characteristics are required:
  • A team player with the ability to work independently and unsupervised
  • Ability to own delegated tasks and see them through to completion
  • Ability to manage time and prioritize work to maximize productivity
  • Excellent reporting and presentation skills are essential for this role
  • Excellent communication skills (both written and verbal)
  • Exceptional attention to detail and quality
  • Excellent problem-solving techniques and trouble analysis skills
  • Experience in design and publishing Security Standards & Policies
  • Experienced in running global Bug Bounty/VDP programs
  • Experienced in Pen Testing, from scope, schedule, findings, remediation and risk registration
  • The candidate should have a good knowledge of:
  • Vulnerability Management concepts, controls, and best practices for all Operating systems & asset types, (e.g. workstations, endpoints, mobile, servers either Windows/Linux, cloud instances, etc.)
  • Vulnerability Management tools (Tenable/Rapid7/Qualys)
  • Cloud Security compliance (IaaS, PaaS, SaaS) and misconfigurations
  • Multi-platform endpoints, infrastructure and XaaS vulnerability management deployments
  • General IT networking concepts, protocols, standards and network security concepts, controls, and best practices
  • Forensic investigation techniques
  • Prior experience deploying, configuring, managing, and/or operating security technologies is preferred, such as endpoint security (e.g. AV/EPP/EDR), SIEM, DLP, SWG, CASB, UEBA, IDS, IPS, firewalls, IAM/PIM/PAM, Vulnerability Management, MDM, etc.
  • Proven knowledge of compliance, regulatory practices and experience managing audits
About us:
We're a diverse group of visionary innovators who provide trading and workflow automation software, high-value analytics, and strategic consulting to corporations, central banks, financial institutions, and governments. Founded in 1999, we've achieved tremendous growth by bringing together some of the best and most successful financial technology companies in the world.

• Over 2,000 of the world's leading corporations, including 50% of the Fortune 500 and 30% of the world's central banks, trust ION solutions to manage their cash, in-house banking, commodity supply chain, trading and risk.

• Over 800 of the world's leading banks and broker-dealers use our electronic trading platforms to operate the world's financial market infrastructure.
ION is a rapidly expanding and dynamic group with 13,000 employees and offices in more than 40 cities around the globe. Our ever-expanding global footprint, cutting edge products, and over 40,000 customers worldwide provide an unparalleled career experience for those who share our vision.
ION is committed to maintaining a supportive and inclusive environment for people with diverse backgrounds and experiences. We respect the varied identities, abilities, cultures, and traditions of the individuals who comprise our organization and recognize the value that different backgrounds and points of view bring to our business. ION adheres to an equal employment opportunity policy that prohibits discriminatory practices or harassment against applicants or employees based on any legally impermissible factor. We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

  • Cyber Threat and Vulnerability Manager

    6 days ago

    London, Greater London, United Kingdom Department for Business and Trade Full time £62,534 - £82,200 per year

    Join a team at the heart of the global economy The Department for International Trade (DIT) and Inspire People are partnering together to bring you an exciting opportunity for a Threat and Vulnerability Manager to protect DIT and the wider UK government from cyber threats in a fast paced and exciting role, responsible for the Vulnerability Management and...

  • Vulnerability Manager

    6 hours ago

    London, Greater London, United Kingdom La Fosse Full time £60,000 - £70,000 per year

    Hi All,I'm helping a growing FS business find a Vulnerability Management specialist to join their cyber function This is your opportunity to lead the Vulnerability programme for a FTSE 250 BusinessTo be successful in this role you will have experience with:Vulnerability Management (Vendor agnostic)Managing 3rd partiesLeading business projectsSalary is up to...

  • Vulnerability Management Manager

    4 days ago

    London, Greater London, United Kingdom ION Full time £100,000 - £150,000 per year

    The RoleThe Vulnerability Management Manager is a global role within ION's central services division and will support the Group Security strategy and operational excellence through the identification, mitigation and remediation of information security vulnerabilities, misconfigurations and risks to the business. This role reports to the Global Head of IT...

  • Vulnerability Management Manager

    4 days ago

    London, Greater London, United Kingdom ION Group Full time £120,000 - £180,000 per year

    The Role: The Vulnerability Management Manager is a global role within ION's central services division and will support the Group Security strategy and operational excellence through the identification, mitigation and remediation of information security vulnerabilities, misconfigurations and risks to the business. This role reports to the Global Head of IT...

  • Vulnerability Detection and Reporting Manager

    3 days ago

    London, Greater London, United Kingdom WPP Full time £80,000 - £120,000 per year

    WPP is the creative transformation company. We use the power of creativity to build better futures for our people, planet, clients, and communities.Working at WPP means being part of a global network of more than 100,000 talented people dedicated to doing extraordinary work for our clients. We operate in over 100 countries, with corporate headquarters in New...

  • Lead Cyber Specialist, Vulnerability Management

    3 days ago

    London, Greater London, United Kingdom Kantar Full time £60,000 - £120,000 per year

    Job DetailWe're the world's leading data, insights, and consulting company; we shape the brands of tomorrow by better understanding people everywhere.About The JobThe Cyber Security Testing and Vulnerability Management team will be responsible for the delivery of vulnerability assessment and management services right across the Kantar business.This role will...

  • Senior Governance Analyst

    1 week ago

    London, Greater London, United Kingdom Senior Governance Analyst near London, UK Full time £100,000 - £120,000 per year

    Job DescriptionSenior Data Governance Analyst - Informatica - London (hybrid / remote)OverviewAre you a seasoned Data Governance professional with a passion for driving data innovation and enhancing data fluency? We are seeking a dynamic Senior Data Governance Analyst to join our forward-thinking team. This role is pivotal in implementing our Data Strategy...

  • Cyber Threat and Vulnerability Manager

    2 weeks ago

    London, Greater London, United Kingdom UK Government - Department for Business and Trade Full time £62,534 - £82,200 per year

    DetailsReference number435838Salary£62,534 - £82,200(including allowances) London £66,257 to £82,200, National £62,534 to £78,580. Salary is dependent on location and technical skills as assessed at interview.GBPJob gradeGrade 7Contract typePermanentBusiness areaDBT - CS - Digital, Data and TechnologyType of roleAdministration / Corporate...

  • Vulnerability Management Operations Lead

    1 week ago

    London, Greater London, United Kingdom LSEG (London Stock Exchange Group) Full time £60,000 - £110,000 per year

    LSEG is seeking a Vulnerability Management Operations Lead to drive the execution, coordination, and continuous improvement of our global vulnerability management program. This is a hands-on technical leadership role that blends operational oversight with deep analytical and engineering engagement. You'll provide direction and coordination across specialized...

  • Vulnerability Engineer

    4 days ago

    London, Greater London, United Kingdom dmg Full time £60,000 - £100,000 per year

    Vulnerability EngineerLocation: dmg::media Headquarters – LondonPosition: Permanent About dmg mediadmg media maintains an unwavering commitment to uncovering the stories that matter most. Its brands Daily Mail, The Mail on Sunday, Metro, The i Paper, MailOnline, and Mail+reach more than 9 million people daily in the UK.Globally, dmg media's brands reach...