Vulnerability Management Analyst

THE TEAM

The InfoSec team is led by our CISO and comprises of four pillars; Information Security Officers, Offensive Security, Defensive Engineering and Security Operations.

The Security Operations team is newly formed and empowered to deliver our detection and response capability for threat management, to continually protect our customers, platform and business.

THE ROLE

As a Vulnerability Management Analyst at Form3, you will work closely with the Vulnerability Management Manager supporting identification, prioritisation and coordination the remediation of vulnerabilities across our business and platform. You will be part of the Security Operations team, working closely with other InfoSec teams and supported by the wider Software and Platform Engineering teams.

RESPONSIBILITIES

• Assist in the execution of the vulnerability management and patch management process
• Coordinate vulnerability remediation across relevant Form3 teams
• Undertake vulnerability security assessment and triage
• Prioritise vulnerabilities based upon risk and business impact
• Conduct and interpret vulnerability assessment scans (Qualys)
• Create issues for vulnerabilities discovered by DAST and Zero-Day
• Track remediation progression to completion
• Maintain records and documentation in accordance with security policy and procedures
• Verify necessary actions are being taken by relevant teams
• Raise security risks where vulnerabilities can't be fixed or mitigated
• Manage vulnerability exceptions

WHAT WE'RE LOOKING FOR

Essential

• Knowledge of fundamental security concepts, including secure system development, vulnerability assessments, patch management, asset management, compliance, and operational security.
• Analytical skills, an inquisitive nature and problem-solving approach
• Process knowledge familiarity including communication and change management
• Familiarity with complex technology
• Interpersonal skills enabling effective interaction across Form3 with varying technical teams
• Proficiency to communicate over a text-based medium (Slack, GitHub Issues) and can succinctly document technical details
• Prioritises work and escalates issues appropriately
• Experience with vulnerability assessment tools and techniques

Desirable

• Information Security certifications, such as CompTIA Security+
• Project management skills including ability to plan, organise, and execute projects
• Experience with risk management frameworks, and how they can be leveraged to help to identify, assess, and prioritise vulnerabilities based on their potential impact on the organisation

BENEFITS 

• 30 days holidays plus public holidays
• 100% remote work
• Flexible working arrangements
• Statutory benefits
• Health & wellness allowance
• Remote working equipment allowance
• Primary caregiver leave
• Learning days, Udemy and educational reimbursement etc.
• Mental Health support via Spill
• Perlego subscription
• Full details available on our careers page

Form3 appreciates that we all lead different and often really busy lives. We work remotely 100% of the time and many of us work part time. If you’re interested in hearing what different flexible working arrangements may be available, we’d love to chat.   HIRING LOCATIONS

We are able to accept applications from the following countries; Belgium, Czech Republic, France, Germany, Greece, Hungary, Netherlands, Spain, Poland, Portugal, Romania & United Kingdom.   ABOUT US   We are an award-winning cloud-native payment technology provider for financially regulated institutions. Launched in 2016, we've doubled in size year on year as we continue to redefine what a truly instant payment experience means.We celebrate diversity, promote entrepreneurialism and are committed to giving everyone a say in shaping our business. Here you will grow as a person and accomplish incredible things. A career at Form3 is empowering, inspiring and fun. Join us and help shape the future of payments.

 

OUR DEI&B COMMITMENT 

We hire talented people from a variety of backgrounds and experiences and are committed to a work environment based on diversity, open-mindedness and curiosity. We’re united by our company values (we even created them together!) and we celebrate our unique differences. 

Our employee lifecycle processes are designed to embrace equal opportunity and prevent discrimination against our people regardless of personal characteristics. It is our strong belief that the more inclusive and belonging we are as a business, the better our work will be. 

As an inclusive employer, we guarantee to interview all neurodiverse and physically disabled applicants who meet the minimum criteria for this role. We also encourage candidates to notify us of any reasonable adjustments that may be required during the recruitment process. This includes providing job adverts in alternative, accessible formats or adjustments required at interview stage. 

If you consider yourself to be neurodiverse or physically disabled under the UN definition of disability and would like to be considered under this scheme and/or require any reasonable adjustments please let us know by sending an email to careers@form3.tech clearly stating your consent for us to process this data.

For more information please refer to our Recruitment Data Policy.