Contractor job Vulnerability Management Specialist Cloud

Vulnerability Management Specialist Cloud
6 Month contract initially
Based: Hybrid, with 4 days onsite in Reading
Rate: £375 - £425 p/d - (via Umbrella company)

We have a great opportunity with a world leading organisation where you will be provided with all of the support and development to succeed. A progressive organisation where you can really make a difference. We have a great opportunity for a Vulnerability Management Specialist Cloud to join the team.

The Vulnerability Specialist is responsible for working with all the stakeholders within Security and throughout the business for developing and enforcing the strategy and vision for end 2 end vulnerability management along with the execution on reducing the biggest risk on Cloud.
The role is accountable for the key vulnerability managed areas, including but not limited to, vulnerability assessment, vulnerability hunting, vulnerability research and vulnerability risk management. You must manage the partnerships with key stakeholders providing efficient and consistent vulnerability management services that allows the business to grow. This role must understand the gaps that exist in process, tooling and results and then drive to continually close these gaps.

Key Responsibilities:
1. Support Daily Operations
o Conduct vulnerability scans, analyse reports, and triage vulnerabilities.
o Proficient with Cloud vulnerabilities management - AWS, GCP
o Rapid7 CloudSec, Cloud Vulnerability Management - AWS & Google (GCP).
o Automate repetitive tasks using scripting or tools to enhance efficiency.
2. Contribute to Process Design
o Collaborate in designing and implementing scalable vulnerability management processes.
o Provide technical insights to ensure processes are aligned with organisational needs.
3. Collaborate with Stakeholders
o Support partnerships with internal teams and external vendors to improve vulnerability remediation.
o Foster cross-functional collaboration to address vulnerabilities effectively.
4. Metrics and Reporting
o Provide inputs to define actionable metrics for executive-level briefings.
o Track and report on vulnerability trends and operational performance.
o Use predictive analytics to identify and forecast trends in vulnerabilities.
5. Mentorship and Team Development
o Share technical expertise with junior team members to foster growth.
o Develop micro-learning modules or hands-on labs for continuous team skill enhancement.
6. Policy Review and Compliance
o Assist in the annual review of policies, standards, and processes to ensure compliance with ISO27001.
o Provide technical inputs for identifying gaps and developing improvement roadmaps.
7. Process and Standards Improvement
o Ensure adherence to quality standards and identify areas for improvement.
o Consolidate overlapping responsibilities to streamline processes.
8. Support Security Teams
o Assist other Group Security teams by providing vulnerability-specific intelligence.
o Contribute to building a shared knowledge repository for all teams.
9. Incident Support
o Assist in analysing and resolving security incidents, focusing on vulnerability-related aspects.
o Use post-incident reviews to pre-empt vulnerabilities and improve resilience.

Key Skills & Experience:
o Strong understanding of vulnerability management processes, tools, and frameworks (e.g., Rapid7, Nessus, Qualys, OpenVAS).
o knowledge in scripting languages (e.g., Python, PowerShell) for automation.
o Knowledge of security standards and frameworks (e.g., ISO 27001, NIST, CIS Controls).
* Analytical Skills:
o Ability to conduct risk assessments and prioritise vulnerabilities based on business impact.
o Experience in creating and interpreting metrics and reports for stakeholders.
* Communication and Collaboration:
o Excellent written and verbal communication skills for reporting and stakeholder engagement.
o Ability to collaborate with cross-functional teams, including SOC, IT, and external vendors.
* Problem-Solving:
o Experience in incident response and remediation strategies for vulnerabilities.
o Creative thinking for implementing counterintuitive solutions (e.g., gamification, predictive analytics).
* Leadership and Mentorship:
o Proven ability to mentor junior team members and contribute to team skill development.
* Experience in fostering a culture of knowledge sharing and continuous improvement.

This is an excellent opportunity on a great project of work, If you are looking for your next exciting opportunity, apply now for your CV to reach me directly, we will respond as soon as possible.


LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds.

Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.