Senior Vulnerability Management Analyst

Company Description

Let’s create a more sociable future together

At Endeavour, we’re totally into what we do. With a portfolio that includes Dan Murphy’s, BWS, ALH Hotels, Pinnacle Drinks and more, we love to bring people together. Together we share our passion for our products and industry; it’s what inspires us to dream big, and continue to create new experiences for our customers and teams across Australia. If you thrive on positive energy, we want to meet you!

Job Description

• Be uniquely you, come as you are 
• Work within an industry leading business
• Be a key player within the Cyber Security strategy

Please note, this role is a 12 month fixed term contract.

As a  Senior Vulnerability Management Analyst, you will be a critical part of the Endeavour cybersecurity team and a key implementer of the Cyber Security strategy via engagement with stakeholders, both in the business and operations side .

The ideal candidate will oversee assurance and provide guidance on implementing a proprietary Control framework for the organisation. This involves collaborating with both business and technical teams to devise remediation plans and offer insights on optimal outcomes to mitigate risks using the approved frameworks used by Endeavour Group..

In this position, you'll also be tasked with evaluating and addressing findings from stakeholder interactions, focusing on Vulnerability assurance and advice to safeguard organisational infrastructure and mitigate key risks. You will need to identify, assess, and manage cybersecurity vulnerabilities including infrastructure, cloud and penetration testing within the Endeavour group and its affiliated banners. A significant portion of the role involves nurturing relationships with stakeholders to effectively address cybersecurity vulnerabilities.

Additionally, you'll closely collaborate with the Cyber Security Risk team to ensure ongoing management and awareness of current risk exposure. You'll also liaise with the application security and architecture teams for any penetration testing engagements.

Sound good? Read on.

Here is a taster of what you can expect in this role:

• Be responsible for the Management of the end to end implementation of approved control frameworks and provide recommendation to help business prioritise remediation, aligning with the Cyber Security Strategy
• Be responsible for the Vulnerability Management strategy and implementation 
• Be responsible for managing penetration testing activities from owning the framework to liaising with third parties and business stakeholders 
• Be responsible for the testing of critical controls in relation to critical Assets and identifying key threat exposures
• Be responsible for managing zero days by providing advice on the exposure and probability of exploitation of vulnerabilities in the EGL Landscape.
• Be responsible for the reporting of the current state of control effectiveness and vulnerabilities reporting
• Be responsible for  identifying, triaging and managing cybersecurity vulnerabilities within the Endeavour group and its banners and the threat exposure. The role will be internally faced with a strong need to manage relationships with stakeholders to ensure the optimal management of cybersecurity-related vulnerabilities.
• Provide active support in remediation activities pertaining to organisational and cloud infrastructure needs.
• Work closely with the Cyber Risk Team to manage the remediations of risks.
• Create awareness and perform analysis of new vulnerabilities that are to be communicated to the teams. 
• Conducting assurance of the state of vulnerability remediations in the organisation via tool sets.
• Contribute to Cyber Security standards and central cyber strategy when required (post assurance work) under the guidance of the Security Architecture Team

Qualifications

Now let’s talk about you: 

• Be proficient in well-known Control Frameworks such CIS Top 18,MITRE, OWASP, SANS, PCI-DSS and NIST CSF and have the willingness to learn any other approved Frameworks 
• Extensive hands-on experience in Controls Assurance
• Strong experience in Vulnerability Management and experience in any SCAP compliant tools
• Innovative mindset to resolve issues and align with business needs
• Proven ability in providing advice on configuring and integrating systems
• Proven skills in managing vendor relationships.
• Ability to interact with broad range of stakeholders to explain and enforce Security measures
• Ability to conduct a range of assessments, including maturity assessment, stakeholder requirements, on a wide variety of projects.
• Self-motivated and able to manage multiple priorities and tasks concurrently.
• Relationship building capability with experience of dealing with people at all levels and across cultures

The benefits are good too! 

• We offer flexible working in every sense
• An exclusive discount card for BWS, Dan Murphy’s, Woolworths, BIG W and other Endeavour Group brands, including our ALH pubs
• Monthly meeting-free days 
• Your health and wellbeing is your most important asset, and as one of our valued team members, it’s our first priority. You will have a range of free services to help you live well and support your physical, mental and financial wellbeing
• Endeavour Group is full of opportunities - use our dedicated learning and development options to grow an idea, yourself, and your career. This is just the start, so dream big.

At Endeavour, we value being a workplace where everyone’s welcome - if you meet a number of the requirements (and not all), we encourage you to apply.

Additional Information

We are together creators

With a portfolio that includes Dan Murphy’s, BWS, ALH Hotels, Pinnacle Drinks and more, Endeavour Group is big on sociability. Together we create the moments that bring millions of people together. And together we have more fun, create more opportunities, and score a lot more goals. We’re serious about creating a safe, inclusive and fun place to rock up to where equal opportunity is key, and flexibility is part of how we roll.  

We’re all about creating a more sociable future - for our customers and each other. If this job excites you - and you’re close-enough on the requirements, reach out, we’d love to hear from you.

You can learn more about working with us on LinkedIn or at endeavourgroupcareers.com.au.

Our Talent Team and Hiring Leaders kindly request no unsolicited resumes or approaches from Recruitment Agencies. Endeavour Group is not responsible for any fees related to unsolicited resumes.

#WeAreTogetherCreators #ComeAsYouAre #DreamBig #FeelTheEnergy #LeaveYourMark #EndeavourGroup