The Senior Vulnerability Management Analyst is responsible for identifying, assessing, and prioritising vulnerabilities across our systems and networks.

This role requires a strong understanding of information security principles, good analytical skills and a proactive approach to address security challenges.

Key Responsibilities:

• Lead and manage vulnerability assessments, ensuring comprehensive coverage and accuracy of scans across the organization's infrastructure
• Perform in-depth analysis to identify critical security weaknesses, misconfigurations, and potential attack vectors
• Provide expert guidance on risk prioritization and effective remediation recommendations in collaboration with technical teams
• Possess an offensive security mindset and contribute to purple teaming exercises, as well as conduct Proof of Concepts to validate and exploit identified vulnerabilities
• Continuously monitor and assess emerging threats, zero-day vulnerabilities, and security advisories, using insights to refine vulnerability prioritization, drive targeted remediation efforts, and strengthen overall security posture
• Mentor and provide technical guidance to junior analysts, fostering skill development and knowledge-sharing within the team
• Generate detailed reports and executive summaries on vulnerability findings, risk assessments, and remediation progress, utilizing tools like PowerBI (experience with PowerBI is a plus)
• Experience with scripting and automation is a plus

Qualifications:

• 5+ years of experience in vulnerability management, security assessments, or related cybersecurity roles.
• Strong understanding of vulnerability frameworks, including CVE, CVSS, CIS benchmarks, and DISA STIGs.
• Excellent communication and stakeholder management skills, with the ability to articulate security risks to technical and non-technical audiences.
• Familiarity with compliance and regulatory requirements such as PCI-DSS, ISO 27001, and NIST frameworks.
• Scripting or automation skills (e.g., Python, PowerShell) for process optimization is a plus.