About the Role
We are seeking an experienced Vulnerability Management Specialist to join the Data Security Services team within an international IT Production Centre. This role focuses on managing vulnerability management processes across infrastructure supporting multiple regions, including Europe and Asia.
You will play a key role in identifying, assessing, and coordinating remediation of vulnerabilities, working closely with cross-functional teams to strengthen the organisation's security posture in a dynamic operational environment.
Key Responsibilities
- Develop and execute the Vulnerability Management plan across all lifecycle phases
- Schedule, configure, and monitor vulnerability scans, ensuring timely execution and issue resolution
- Perform asset discovery and ensure accurate onboarding into vulnerability management tools
- Assess vulnerabilities, analyse risk exposure, and prioritise remediation actions based on impact
- Collaborate with infrastructure and application teams to drive remediation efforts
- Analyse false positives and facilitate risk acceptance processes with relevant stakeholders
- Maintain dashboards and provide regular reporting to technical teams and management
- Track and ensure compliance with defined KPIs and service levels
- Lead remediation planning for penetration testing findings
- Conduct threat exposure assessments and coordinate response actions
- Engage with stakeholders across regions to ensure alignment and effective communication
- Propose and implement continuous service improvement initiatives
- Stay updated on emerging threats and vulnerabilities and assess their relevance to the environment
- Ensure compliance with internal policies, regulatory requirements, and security standards
Requirements
- 8-10 years of IT experience, including at least 4-7 years in IT Security
- Minimum 4 years of hands-on experience in enterprise-level vulnerability management
- Strong technical knowledge of vulnerabilities across operating systems, networks, databases, and applications
- Experience in prioritising and coordinating remediation using a risk-based approach
- Proven ability to work with cross-functional teams in an IT operations environment
- Hands-on experience with vulnerability management tools such as Tenable (e.g. Nessus, SecurityCenter)
- Strong analytical, problem-solving, and documentation skills
- Ability to manage multiple priorities in a fast-paced environment
- Familiarity with ITIL processes and working in structured, process-driven environments
- Effective communication and stakeholder management skills
Technical & Reporting Skills
- Experience in creating dashboards and reports using tools such as Excel, PowerPoint, or Word
- Familiarity with business intelligence tools (e.g. Power BI) for reporting and visualisation
- Ability to present technical findings clearly to both technical and non-technical stakeholders
Preferred Qualifications
- Professional certifications such as CISSP, GIAC Enterprise Vulnerability Assessor (GEVA), CREST, or equivalent
- Experience within financial services or regulated environments
- Broad understanding of information security domains (e.g. endpoint security, encryption, data protection)
Work Environment & Culture
- Collaborative, multicultural, and international working environment
- Exposure to large-scale, enterprise-level infrastructure and security operations
- Opportunities to work with global teams across multiple time zones
- Emphasis on continuous learning, process improvement, and operational excellence
EA Number: 11C4879
