- Be uniquely you, come as you are
- Work within an industry leading business
- Be a key player within the Cyber Security strategy
Please note, this role is a 12 month fixed term contract.
As a Senior Vulnerability Management Analyst, you will be a critical part of the Endeavour cybersecurity team and a key implementer of the Cyber Security strategy via engagement with stakeholders, both in the business and operations side .
The ideal candidate will oversee assurance and provide guidance on implementing a proprietary Control framework for the organisation. This involves collaborating with both business and technical teams to devise remediation plans and offer insights on optimal outcomes to mitigate risks using the approved frameworks used by Endeavour Group..
In this position, you'll also be tasked with evaluating and addressing findings from stakeholder interactions, focusing on Vulnerability assurance and advice to safeguard organisational infrastructure and mitigate key risks. You will need to identify, assess, and manage cybersecurity vulnerabilities including infrastructure, cloud and penetration testing within the Endeavour group and its affiliated banners. A significant portion of the role involves nurturing relationships with stakeholders to effectively address cybersecurity vulnerabilities.
Additionally, you'll closely collaborate with the Cyber Security Risk team to ensure ongoing management and awareness of current risk exposure. You'll also liaise with the application security and architecture teams for any penetration testing engagements.
Sound good? Read on.
Here is a taster of what you can expect in this role:
- Be responsible for the Management of the end to end implementation of approved control frameworks and provide recommendation to help business prioritise remediation, aligning with the Cyber Security Strategy
- Be responsible for the Vulnerability Management strategy and implementation
- Be responsible for managing penetration testing activities from owning the framework to liaising with third parties and business stakeholders
- Be responsible for the testing of critical controls in relation to critical Assets and identifying key threat exposures
- Be responsible for managing zero days by providing advice on the exposure and probability of exploitation of vulnerabilities in the EGL Landscape.
- Be responsible for the reporting of the current state of control effectiveness and vulnerabilities reporting
- Be responsible for identifying, triaging and managing cybersecurity vulnerabilities within the Endeavour group and its banners and the threat exposure. The role will be internally faced with a strong need to manage relationships with stakeholders to ensure the optimal management of cybersecurity-related vulnerabilities.
- Provide active support in remediation activities pertaining to organisational and cloud infrastructure needs.
- Work closely with the Cyber Risk Team to manage the remediations of risks.
- Create awareness and perform analysis of new vulnerabilities that are to be communicated to the teams.
- Conducting assurance of the state of vulnerability remediations in the organisation via tool sets.
- Contribute to Cyber Security standards and central cyber strategy when required (post assurance work) under the guidance of the Security Architecture Team
