Vulnerability Specialist

You will be an active player within the Cyber Security Operations Centre (CSOC) using a variety of vulnerability scanning, SIEM and security toolsets to meet the requirements of the business and its customers.

This is a hands-on role and requires a both a broad technical knowledge of Cyber Security, as well as specific focused knowledge of vulnerability scanning tools and processes – particularly Qualys.

Although the focus is on VMS, knowledge and/or experience of modern IT systems and infrastructure is advantageous to assist with the development and continuous improvement of the security platforms within Content + Cloud and its customer’s environments.

Requirements

General responsibilities within CSOC

• Respond to client requests and liaise with them directly on security issues.
• Lead process improvement opportunities, provide solutions and lead in implementation of changes.

Specific VMS Responsibilities

• Lead within Content+Cloud for the Vulnerability Scanning Service.
• Creation and delivery of regular reports to customers.
• Extensive liaison with the business, coordinating vulnerability scanning with Technical Account Managers, Service Delivery Managers and teams conducting patching. Communication within this network of any client patching priorities.
• Create and manage vulnerability scanning processes and standards.
• Product Management of Qualys, to involve scheduling and creating scans, liaising with clients to propose and implement mitigations for identified vulnerabilities, and be main POC to the Qualys TAM.
• Design and maintain vulnerability scanning Key Performance Indicators. Create and deliver dashboards and regular reports to monitor metrics to assess performance against KPIs.
• Maintain the short and long term strategy for effective vulnerability scanning.
• Give direct support to different projects within the SOC, attending planning meetings and integrating vulnerability scanning into the wider service.
• Support major incident responses as required.
• Work with clients to resolve public facing vulnerabilities in our applications and associated infrastructure.
• Monitor open-source media for new vulnerabilities.
• Future: Technical escalation point, mentoring and training for vulnerability scanning analysts.

Essential

• Demonstrable passion for cyber security.
• Ability to work independently – identify own tasks in line with the wider SOC strategy and see them through to a successful conclusion.
• Excellent soft skills in the form of team working, problem solving and communication.
• In time, the ability to lead and manage a small team of vulnerability scanning Analysts (upon further development of the capability from scanning to full VMS).
• Demonstrable technical knowledge, skills and/or experience in vulnerability scanning tools.
• Working knowledge of core security and infrastructure technologies (e.g. firewall logs, network security tools, malware detonation devices, proxies, IPS/IDS)

Benefits

If you click here you can read about some of the benefits this role attracts.

If work life balance is as important for you as it is for us, you'll like our remote-first hybrid working policy: four days per month in a C+C office or with your clients.

You'll get a chance to discuss with your manager about the days that work best for you and your team to meet in person

All recruitment and selection for Content+Cloud is guided by the principles of our Employment Equity Plan