Job Description
We are a customer-focused business that uses technology to drive innovation in the retail sector. Our goal is to deliver a wide range of high-quality products and provide a seamless shopping experience for our customers.
The Opportunity
We are seeking a senior vulnerability management analyst to join our cyber defence team. As a key member of this team, you will lead vulnerability management, threat intelligence, cloud security posture management, attack surface management and cyber asset management initiatives.
Key Responsibilities
* Configure and operationalise enterprise vulnerability management platforms
* Plan and execute vulnerability scanning, reporting and remediation using risk-based prioritisation
* Collect and curate cyber threat intelligence to support SOC monitoring and proactive response
* Manage cloud security posture across multiple environments, driving identification and remediation
* Run attack surface management, including enumeration and investigation of exposed assets
* Maintain specialist knowledge of new vulnerabilities and TTPs in active exploitation
* Stay current on cybersecurity trends, threats and technologies relevant to retail
* Support cyber defence operations as needed, providing expert guidance on threats and vulnerabilities
* Provide leadership cover for Cyber Defence and act as team point of contact when required
Required Skills and Qualifications
Qualifications and Experience
* 5+ years' experience in a cybersecurity role
* Bachelor's or Master's Degree in Information Security, Cybersecurity, Computer Science or a related field
Technical Skills
* Strong experience in threat and vulnerability management, ideally within retail or another large, distributed environment
* Strong knowledge of Windows, Linux, Active Directory, cloud and networking technologies
* Scripting experience to automate discovery and processing of asset information
* Hands-on experience with threat and vulnerability management, cyber asset management, attack surface management and cloud security posture management tooling
* Experience configuring and maintaining an enterprise vulnerability management solution
* Experience with PCI DSS scanning, reporting and compliance activities
* Professional certifications such as CISSP, CEH, CRTO, GIAC or OSCP
Benefits
We offer a competitive salary and comprehensive benefits package, including our employee discount scheme. We also provide opportunities for professional development and career progression in a dynamic and collaborative work environment focused on innovation and growth.