Summary of Role
6 month fixed term contract, with possibility to extend further.
The Principal Vulnerability Analyst will be responsible for implementing & operating a vulnerability reporting & monitoring solution that delivers relevant information from multiple data sources to support the management of vulnerability risk in line with appetite. The solution will include people, process & technology. The Principal Vulnarabilty Analyst will use this solution to identify trends & patterns, advise senior stakeholders on optimal approaches for timely remediation and track remediation progress.
The role will work as part of a team who are focused on reducing the risk posed by vulnerabilities across the business. They will also work with people across the business who are responsible for remediating the identified vulnerabilities.
We are looking for a collaborative team player with a solid understanding of vulnerability management & proven experience in designing & developing data warehouse solutions. The role will work as part of a team who are focused on reducing the risk posed by vulnerabilities across the business.
The successful candidate will thrive in a fast-paced environment & will both contribute to and be part of a global, multi-disciplined security community with clear vision, direction, and top down support across the business.
- Take ownership of the foundation warehouse solution
- Fully document the foundation warehouse solution to form a baseline
- Fully productionise the warehouse solution (scalability, resilience, support model etc.). To include people, process & technology
- Agree & implement an appropriate development method & test harness
- Extend the function of the warehouse solution based on high level reporting briefs. This will include the design & development of new & modified views, stored procedures, functions etc.
- Extend the function of the warehouse solution with the integration of new source & destination systems
- Assure data reliability & efficiency by implementing automated data cleansing & integrity checks
- Work with PowerBI colleagues to publish business centric vulnerability information
Demonstrable track record over a number of years hands-on experience in this field of:
- Vulnerability reporting & monitoring solutions (Including Data Warehouses / Lakes)
- Design & implementation of vulnerability management warehousing solutions
- Rapidly interpreting complex system schemas to develop efficient & effective warehousing solutions
- An ability to effectively influence others to modify their opinions, plans, or behaviors
- An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business
- An understanding of organisational mission, values, and goals and consistent application of this knowledge
- Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
Deep Technical expertise in:
- Vulnerability management
- Understanding, interpreting & extending complex system schemas
- Structured Query Language (SQL)
- Procedural Language for SQL
- Frameworks & methodologies such as CVSS, CIS Benchmarking, OWASP
- Vulnerability management tooling including implementation
- Vulnerability remediation tools & techniques
- System security (operating systems, applications), networking, and web applications