**Cork or Dublin based** Hybrid- 2 days office ** Permanent Role**The Role:Based in Cork or Dublin and reporting to the Cyber Security Manager, RVM Lead role leads the enterprise-wide Threat and Vulnerability Management (TVM) programme, ensuring proactive identification, assessment, prioritisation, and remediation of cyber risks across IT, OT, and cloud environments. The Risk and Vulnerability Management Lead drives continuous improvement in risk posture through advanced threat hunting, security assessments, cyber threat intelligence integration, attack surface management, insider threat detection, incident response readiness, and robust reporting and metrics. Acting as the subject matter expert for vulnerability management and cyber resilience, the role collaborates with technical and business stakeholders to safeguard critical assets and enable secure business operations.Duties and Responsibilities:Threat & Vulnerability Management (TVM)Lead the design, implementation, and operation of the TVM programme, covering IT, OT, and cloud environmentsOversee vulnerability scanning, detection, classification, and assessment using industry-standard tools (e.g., Qualys, Tenable, Rapid7)Ensure risk-based prioritisation of vulnerabilities using CVSS, asset criticality, and real-time threat intelligenceDrive remediation planning and execution, including emergency patching and coordination with system/application ownersMaintain comprehensive vulnerability reporting, dashboards, and historical trend analysis for stakeholders.Lead vendor relationship and performance management for the TVM managed service, ensuring quality standards, and integration with internal workflows.Threat Hunting & Security AssessmentsConduct proactive threat hunting across enterprise telemetry (EDR, SIEM, network, cloud) to identify emerging risks and suspicious activityLead and coordinate security assessments, including penetration testing, red and blue team exercises, and regulatory reviewsIntegrate findings from threat hunting and assessments into the TVM and incident response processes.Cyber Threat Intelligence (CTI)Ingest, analyse, and operationalise cyber threat intelligence feeds to contextualise vulnerabilities and inform risk decisionsMonitor the global threat landscape for new vulnerabilities, attack patterns, and threat actor behavioursParticipate in industry threat intelligence sharing communities (e.g., ISACs) and collaborate with trusted partners.Attack Surface ManagementMap and continuously monitor GNI attack surface, including external exposures, cloud assets, and third-party connectionsIdentify and assess changes in the attack surface structure resulting from new deployments, data or information flow integrations, or business initiativesRecommend and implement controls to reduce exposure and harden critical assets.Insider Threat DetectionDevelop and maintain insider threat detection capabilities, leveraging behavioural analytics, DLP, and SIEM integrationsInvestigate anomalous activity and coordinate with HR, legal, and compliance teams as requiredIncident Response ReadinessEnsure TVM processes are tightly integrated with incident response playbooks and workflowsLead vulnerability-driven incident investigations and coordinate rapid containment and remediation actionsConduct post-incident reviews and root cause analyses, integrating lessons learned into continuous improvement.Cloud & Third-Party Risk Assessment (TPRA)Oversee vulnerability management and risk assessments for cloud platforms (Azure, AWS, GCP) and SaaS applicationsSupport third-party risk assessments (lead by Information Security team), ensuring vendors and partners meet enterprise security requirementsIntegrate cloud and third-party risk assessment findings into overall risk posture and reporting.Reporting & MetricsDevelop and maintain executive dashboards and detailed reports on vulnerability status, remediation progress, risk trends, and security postureTrack and report key TVM/RVM metrics with overall risk reduction over timePresent findings and recommendations to senior management, board, and regulatory bodies as required.Mentorship & CollaborationGuide junior analysts in advanced threat and vulnerability management practices, while partnering with architects, project teams, and OT stakeholders to ensure robust cyber risk mitigation across IT, OT, and cloud environments.Knowledge, Skills and Experience:Degree in Information Security, IT, or related discipline; advanced degree or certifications (CISSP, CISM, CEH, GIAC) preferred5+ years' experience in cyber risk, vulnerability management, or security operations, with demonstrable leadership in TVM programmesHands-on expertise with vulnerability scanning tools (Qualys, Tenable, Rapid7), SIEM, EDR, and threat intelligence platformsStrong understanding of CVSS scoring, exploitability, risk prioritisation, and regulatory frameworks (NIST, ISO, GDPR)Capacity to assess risk scenarios, prioritise actions, and propose pragmatic solutions under pressure is essentialExperience with cloud security, third-party risk assessment, and incident responseAbility to balance tactical remediation with long-term risk reduction and continuous improvement.Excellent communication, stakeholder management, and reporting skills.CISSP, CISM, CEH, GIAC (GCIH, GSEC), CompTIA Security+, Azure/AWS/GCP Security Specialist advantageous.Applications, including current Curriculum Vitae, should be emailed to the following address stating the job title and reference number in the subject line of your email:The closing date for receipt of applications for this vacancy is the5 January 2026.Please note that applications submitted after this closing date will not be accepted.Gas Networks Ireland is an equal opportunities employerWe are committed to providing a diverse and inclusive place of work and have a robust strategy and framework called ibelong to enable this. We are an equal opportunity employer and through our recruitment process we welcome and encourage applications from interested and suitably qualified individuals regardless of gender, age, racial or ethnic origin, membership of the traveller community, religion or beliefs, family or civil status, sexual orientation/gender identity or disability.GNI will only hold your data for as long as necessary. By providing a CV to GNI you are agreeing for GNI to process this information about you. If you have any question about how GNI processes your data, please see ourPrivacy Notice. If you have further questions, you can contact us