Principal Vulnerability and Security Posture Manager

We are looking for a Principal Vulnerability and Security Posture Manager to work within the vulnerability management team, you will be working to identify control weaknesses and track vulnerabilities across all aspects of the Admiral estate. We believe that the key deliverable is a reduction in risk across the business. We take a threat-led approach to the identification and treatment of risk. 

Job Purpose

You will drive the production of actionable metrics, providing reporting for consumption by both leadership and security operations. You will be comfortable speaking to board-level executives about vulnerability, risk, and the potential cost to the business. You will prepare high-quality management information reports, assisting us by making key recommendations. Your work will have a significant impact and will create change across the business.

You will be comfortable working at both a strategic level and solving day-to-day tactical problems. 

You will work alongside technical leadership, asset owners, IT personnel and development project teams to ensure that all our services – both those used by our customers and by our staff – are delivered in a secure manner. You will question information that others would take on face value and remain inquisitive to improve the quality of our infrastructure and applications.

We provide a generous training budget. Members of the team have chosen to undertake numerous training courses and further certifications including SANS. We expect you to keep up to date on current security trends, tools, and exposures. We love gamifying security training, and all staff are encouraged to take part in CTFs. You will also be encouraged to attend and speak at conferences, seminars, and industry briefings. 

You will define the structure and manage the team. It is essential that you can provide on the job mentoring and knowledge transfer to junior staff.

Responsibilities

• Define the VM strategy and enable the team to deliver it. 
• Drive automation and seamless end-to-end processes. 
• Scope, plan and carry out vulnerability assessments.
• Work with asset owners and IT Teams to plan and drive vulnerability remediation.
• Write high-quality reports and QA others’ reports. 
• Create actionable metrics and reports for executive and technical leadership.
• Lead assignments to successful completion.
• Work collaboratively with the wider Information Security teams.  
• Coach and mentor team members and assist with knowledge transfer to the wider Information Security and IT teams.

Essential Experience/Skills

• 5 years of experience in vulnerability management.
• 2 years experience in a senior role.
• Reporting and MI tool skills
• Solid report writing skills.
• Familiarity with ‘standard’ vulnerability management/scanning tools (such as Qualys, Tenable.io, Nexpose, Kenna, ServiceNow etc).
• Understanding of the Cyber Kill Chain, MITRE ATT&CK, and other information security defence and intelligence frameworks.

Desirable Skills

• Familiarity and understanding of at least one cloud platform such as Microsoft Azure, Amazon AWS, or Google GCP.
• Programming or scripting skills in at least one modern computer language.
• One or more of the following:
  • (ISC)2 Certification such as CISSP
  • GIAC Certification such as GSIF, GSEC, GMON 

Salary, Benefits and Work-Life Balance

We do not have a set salary for this position, as it will be dependent on the successful candidate’s experience. We are happy to see CVs from all candidates who meet the requirements and will be happy to discuss the remuneration package.

At Admiral, we are proud to be a diverse business where we put our people and customers first. We have great benefits to ensure employees have a great work-life balance; it's one of the reasons we're consistently voted one of Sunday Times Best Big Companies to Work For in the UK. We want you to have an element of freedom to define a working lifestyle that supports this, so accommodate flexible hours wherever possible.

You can also view some of our other key benefits here; https://admiraljobs.co.uk/employee-benefits/.

If you think this role is for you and would like to be considered for this opportunity, please click “apply now” to complete an online application form.

#LI-CC1