Associate Vulnerability Analyst Cyber Security

Working as a valued member of the Vulnerability Management team you will use a variety of tools and techniques to assist our Vulnerability Analysts in the research, risk assessment and reporting of security vulnerabilities discovered in HL's IT estate. Afterwhich, you will assist our IT teams and business stakeholders to prioritise appropriate remediation activities.

Your day-to-day activities will include working with vulnerability scanning tools to discover security weaknesses in HL systems, using industry standard frameworks to assess and categorise vulnerability risk and supporting IT teams to create mitigation andremediation plans. Additional activities will include working closely with other cyber security teams (such as Threat Intelligence and Security Operations) to enhance existing security controls and working with ethical hacking teams to further identify securityvulnerabilities.

This role represents an opportunity for individuals with a strong desire to kick-start their career in cyber security - all while protecting one of the UK's leading financial organisations. To be successful, you should be able to demonstrate your enthusiasmto work within an ever-growing cyber security industry as well as demonstrating your ability to work through logical problems in a proactive way.

**What you will be doing**
- Perform regular reviews of public (and private) vulnerability feeds to ensure the Vulnerability Management function is kept up to date with the latest Cyber Security trends;
- Support the management of on-prem and cloud-based vulnerability and compliance scanning solutions;
- Collaborate with other cyber security functions within the organisation to improve the discovery and risk assessment of vulnerabilities;
- Perform risk assessments on disclosed vulnerabilities, leveraging contextual risk information, e.g. threat feeds, internal critical asset matrices;
- Assist Digital Teams in the creation of mitigation and remediation plans for discovered vulnerabilities;
- Assist in the creation and maintenance of real-time metrics, feeding directly into MI packs and compliance reporting;
- Assist the Vulnerability Manager in achieving compliance to internal policy and regulatory standards, e.g. PCI-DSS.

**About you**
- Previous experience in a Risk Management, IT or customer-facing role;
- Preference for at least one (or willing to work towards) professional security certification e.g. CEH, Security+, CISMP;
- Foundational knowledge of IT systems, networks and infrastructure;
- Basic understanding of information security and risk management principles;
- Self-motivated individual with a willingness to continually learn and develop.

If you're interested in applying, we'd also encourage you to provide a short cover letter so we can better understand how you, as an individual, would be a good fit for the role.

**Why Us?**

Here at HL, we're the UK's number 1 investment platform for private investors, based in Bristol. For more than 40 years we've helped investors save time, tax and money on their investments.

To achieve our mission, we believe we have a workplace like no other, with constant learning, dynamic teams, and a great ethos. We're steered by core values that promote service, quality, innovation, and opportunity in everything we do.

**What's on offer?**:

- Discretionary annual bonus & annual pay review
- 25* days holiday plus bank holidays and 1-day additional Christmas closure time
- Option to purchase an additional 5 days holiday per year
- Flexible working options available, including hybrid working
- Pension scheme up to 11% employer contribution
- Sharesave scheme - have a real stake in HL's future
- Income Protection & Life insurance (4 x salary core level of cover)
- Health care cash plans - including optical, dental, and out patientcare
- Gympass - gym memberships and wellbeing apps available
- Variety of travel to work schemes with free bike storage and shower facilities
- An inhouse barista serving subsidised coffee and snacks
- Join HL's sports, I&D networks and volunteering groups (two paid volunteering days per year)
- LifeWorks Discounts on services, restaurants and retailers
- up to 30 days depending on role level & increasing with length of service
- This role may also be available on a flexible working or part time basis - please ask the Recruitment & Onboarding team for more information.