Vulnerability Assessment Manager
VA Manager/Attack Surface Reduction Manager is required for this financial based in Buckinghamshire x2 days a week in office, x3 remote.
You will be experienced in vulnerability management tools and their implementation, vulnerability risk management as well as an eye for detail and structure.
You will play a critical role in proactively identifying and mitigating potential unauthorized access, data breaches, and other security incidents.

£80 - 95,000
Hybrid working. Buckinghamshire based x2 days a week, x3 remote working available.
You will have an Infrastructure background, which might include Sys Admin, Service Desk, Infra Engineering then moved in to the Vulnerability Management arena.

This role requires solid communication skills, where you could be liaising at all levels, including the CISO.

You will:
Manage Deliverables which are closely coordinated with and integrated across all UK CISO functions for strategy development, continuous learning and awareness, reporting, innovation, service development and business/3rd party engagement.
Delivering solutions to reduce the attach surface of UK assets from analysis of cyber metrics.
Reporting of detailed findings, exploitation procedures and mitigation techniques and to effectively communicate with stakeholders.
Ensuring continuous operations for core capabilities: threat identification and monitoring, vulnerability life cycle, critical vulnerability triage, risk reporting, and consultation on mitigation.
Analysing cyber metrics to identify, prioritise and remediate root cause to reduce attach surface.

You will bring:
Experience in application vulnerability assessment and management, able to accurately assess the potential impacts of security flaws and involve technical teams accordingly.
Understanding vulnerability analysis in the context of the most common infrastructure models (on-prem DC infrastructure & DMZ, cloud IaaS/PaaS, Enterprise SaaS.)
Knowledge of common vulnerabilities and exposures (CVEs), common attack vectors, and security best practices.
Ability to design and execute scenario-based tests tailored to the firm's infrastructure and practices.
Project management (technical) experience preferably within cyber security.