Senior Analyst – Security and Vulnerability Management

Why we’re hiring:

The role of vulnerability management is to triage vulnerabilities by relevance and criticality to the organisation.

The vulnerability management analyst will then identify mitigations for those vulnerabilities and advise on implementing them.

What you’ll be doing:

• Manage complex information systems to understand and prioritise actions on Cyber Security risks, audit requirements and data value, and provide guidance to vulnerability management team members.
• Manage the creation and implementation and lead development of vulnerability assessments for IT estates, including but not limited to application vulnerability assessments and infrastructure vulnerability assessments.
• Drive prioritisation of those vulnerabilities through a risk-based approach, to meet common organisational objectives such as regulatory compliance and audit functions.
• Manage the triage of vulnerabilities, ensuring mitigation measures are implemented, and managing the life cycle of vulnerability management for a set of assets, providing tailored advice on ways to improve control mechanisms and mitigate risks.
• Recommend remediation strategies and provide advice on complex configuration changes in support of vulnerability remediation.
• Proactively identify and leverage threat intelligence sources to inform strategic vulnerability mitigation measures.
• Manage collaboration with stakeholders to create tactical plans relating to managing vulnerabilities and oversee subsequent activities.
• Demonstrate developed knowledge and understanding of approaches and tooling for performing vulnerability assessment against large and complex infrastructure.
• Validate system configuration across multiple and complex interlinking systems.
• Translate vulnerability management standards and best practice into organisation-specific policies, procedures and guidelines and champion standards and best practice outside security functions.
• Explain the need for effective vulnerability management processes and implications of poor performances.
• Lead development and implementation of effective vulnerability management programs across the enterprise to meet organisational and regulatory and compliance requirements.

Who you’ll be working with:

You’ll be part of a team of talented technology risk professionals drawn from a variety of backgrounds, with a common goal of supporting achievement of WPPs strategy through the development of practical and pragmatic IT risk management solutions.

Whilst a track record of technology risk management experience is essential, what sets members of the WPP IT Compliance team apart is the ideas they generate, their problem solving skills, a desire to shape the direction of IT risk management in WPP, an appetite to develop innovative solutions to technology risk challenges and above all an ability to thrive in a fast moving, collaborative team environment.

What you’ll need:

Skills and Knowledge:

• Hands on experience of :
• Vulnerability management, tools, techniques and methodologies;
• Application and infrastructure penetration testing
• Information risk assessment and risk management
• Threat intelligence and threat assessment
• Cyber Security operations
• Legal and regulatory considerations
• Understanding the importance of strong Security controls and maintaining a positive user experience.
• Understands security concepts to engage with security technologists and communicate in a language that is appropriate to audience.
• Technical and service awareness.
• Assist on making decisions based upon evidence and data.

Experience:

• Managed the delivery of vulnerability management or security operations objectives.
• Experience of working in a global organisation.
• Collaborative working with suppliers, partners and end-users at all levels.
• Managing staff effectively in order to provide excellent service.

Person:

• Experience in moving a dynamic environment to a business-as-usual one.
• Able to influence and negotiate at broad levels.
• Ability to build and maintain positive business relationships.
• A confident, credible and influential communicator with internal and external stakeholders.
• Able to maintain sight of the mission.
• Ability to identify and escalate critical issues with ease.
• The ability to lead, inspire and influence others.
• Flawless integrity.

Who you are:

You’re open: We are inclusive and collaborative; we encourage the free exchange of ideas; we respect and celebrate diverse views. We are open-minded: to new ideas, new partnerships, new ways of working.

You’re optimistic: We believe in the power of creativity, technology and talent to create brighter futures or our people, our clients and our communities. We approach all that we do with confidence: to try the new and to seek the unexpected.

You’re extraordinary: we are stronger together: through collaboration we achieve the amazing. We are creative leaders and pioneers of our industry; we deliver extraordinary every day.

What we’ll give you:

Passionate, driven people - We champion a culture of people that do extraordinary work.

Scale and opportunity - We offer the opportunity to create, influence and deliver projects at a scale that is unparalleled in the industry.

Challenging and stimulating - Unique work and the opportunity to join a group of creative problem solvers. Are you up for the challenge?