Vulnerability Researcher

NQC is a successful and growing software company specialising in supply chain risk management platforms. We’re in the ‘Tech for Good’ space, providing online web platforms which are in use by some of the largest organisations across a number of industries including the UK Government and the Automotive industry.

Based in central Manchester, NQC offers a supportive working atmosphere within a diverse team of people. We work on a hybrid model and regularly meet up outside of the office for team socials and company events. This is an opportunity to contribute to globally recognised technology solutions used by major brands throughout the world and become part of an exciting long term plan for sustainability, and a better future.

**About your new role**

As part of our growth journey, we are looking for an experienced Vulnerability Researcher to join our Research team.

As a Vulnerability Researcher you are expected to undertake the following responsibilities as part of your day to day activities:

- Understand our systems and domains, and prototype software and improvements based on your research.
- Analyse our SaaS solution and internal IP address scanning systems to identify vulnerabilities and weaknesses in our system’s design or implementation. You will provide technical guidance to clients based on your research.
- Suggest improvements to our vulnerability management process.
- Develop tools and techniques to assess vulnerabilities with IP addresses.
- Provide support with the research and development of our external cyber and information security offering, such as our CYBERSAFE CHECK product which enables organisations to safeguard against cyber threats.
- Based on your research, you will suggest improvements to our product offerings so we can continue to help external organisations understand and improve the security of their supply chains.
- Conduct research on new security vulnerabilities and trends.
- Stay up-to-date on the latest security threats and mitigation techniques.
- Produce vulnerability reports and communicate findings to stakeholders.
- You will also present security research and its implications to technical and non-technical audiences,

General Responsibilities

In addition to the key role responsibilities outlined above, all staff are required to undertake the following responsibilities in adherence with company policies:

- Be an ambassador for the company at all times;
- Maintain a high quality of communications internally and externally;
- Carry out any reasonable job related task requested;
- Implement and act in accordance with companies information security policies;
- Protect assets from unauthorised access, disclosure, modification, destruction or interference;
- Execute responsibilities in line with security processes or policies;
- Report security events or potential events or other security risks to the organisation;
- Adherence at all times to confidentiality clauses set out in employment contract particularly with regards to the handling of sensitive data and information;
- Attend training courses provided by the company and maintain awareness and adherence to company policies and processes;

**Requirements**:

- An interest and aptitude for vulnerability research from a professional background
- A passion for understanding how things work, testing them, pushing them to their limits, and finding security issues in them.
- Understanding of hardware and software development lifecycles and their impact on security practices.
- Understanding of network protocols and how software works from assembly through to interpreted languages, and everything in between.
- Understanding of NIST Cybersecurity frameworks and an understanding of The Common Vulnerabilities and Exposures (CVE) definitions would be beneficial
- A University degree such as cybersecurity or in a related field
- Strong data analysis and research skills
- Excellent written and verbal communication skills with the ability to present complex information in a clear and concise manner to target audiences
- Passion for sustainability and a desire to drive positive change
- Excellent problem-solving skills and ability to think critically and creatively
- Strong project management and organisational skills
- Ability to work independently and collaboratively in a team environment

Key Competencies
- Is consistently motivated, committed and able to perform duties in all situations.
- Persuades, influences and listens to others, using reason and co-operation to reach agreement.
- Communicates and receives ideas, views and information to achieve understanding.
- Gathers information from a range of sources. Analyses information to identify problems and issues.
- Makes effective decisions.
- Pays close attention to detail and accuracy in all aspects of work, ensuring high-quality results.

**Benefits**
- Competitive salary dependent on experience
- 25 days holiday (Increasing with service) plus Bank holidays
- Flexible