- Company Name
- VIQU IT Recruitment
- Job Title
- Senior Vulnerability Management Engineer
- Job Description
-
Job title: Senior Vulnerability Management Engineer
Role Summary:
Drive enterprise-scale vulnerability and threat management, owning vulnerability discovery, analysis, and remediation across the organization’s technology estate, with a focus on warehouse and operational technology environments.
Expactations:
- Lead the vulnerability management program, ensuring tools, processes, and metrics meet industry best‑practice standards.
- Provide on‑call support as part of a shift rota, mentoring junior staff and collaborating with incident response and change management teams.
- Communicate findings and recommendations to technical teams and senior stakeholders, maintaining clear, actionable reporting.
Key Responsibilities:
- Maintain and configure vulnerability scanning tools and risk reporting platforms.
- Identify, triage, assess, and assign vulnerabilities to appropriate remediation teams.
- Advise on mitigation strategies and coordinate mitigation efforts for critical threats.
- Support incident response investigations and contribute to root‑cause analysis.
- Plan, scope, and deliver vulnerability‑related projects, tracking progress and deliverables.
- Review cyber threat intelligence, validate findings, and update internal threat models.
- Produce concise reports for diverse audiences, including senior leadership.
- Document procedures, maintain metrics, and ensure high‑quality technical documentation.
- Serve as a subject‑matter expert and mentor to less experienced team members.
Required Skills:
- Extensive experience managing vulnerability assessment tools (e.g., Nessus, Qualys, Rapid7).
- Deep knowledge of information security concepts, malware, attack vectors, and vulnerability frameworks (CVSS, CVE, CWE, OWASP, MITRE).
- Strong IT fundamentals: network protocols, Windows Server, Linux, server infrastructure.
- Familiarity with change‑management processes and operating under pressure.
- Operational technology (OT) vulnerability scanning and SCADA/PLC system awareness.
- Cyber Threat Intelligence (CTI) monitoring and analysis capabilities.
- Excellent analytical, prioritization, communication, and report‑writing skills.
- Desirable: experience with PCI‑DSS, ISO 27001, retail environments, cloud infrastructure, DevOps/code‑scanning, TIP management, offensive security, and AI‑assisted security workflows.
Required Education & Certifications:
- Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience).
- Relevant security certifications (e.g., CISSP, CEH, SSCP, OSCP) preferred but not mandatory.
Wakefield, United kingdom
Hybrid
Senior
25-11-2025