At BGL Insurance, we are looking for an individual with technical experience in cyber security who has been proactive in researching risks, vulnerabilities and remediation steps. As a Senior Vulnerability Analyst, you will be responsible for technically assessing our risks through scanning tools and analysis, further interpreting into actionable steps with the relevant teams. Analysis will include identifying trends & patterns, advising on remediation approaches to provide appropriate timely remediation.
You’ll work in collaboration with software engineering teams, reviewing the pen test schedule and recommending new pen test requirements to architecture teams. This role will lend itself to you if you have a good understanding of enterprise system, cloud, network and/or application architecture.
As an SME Your key purpose is leading on:
- Configuring, operating and supporting vulnerability management technologies and toolsets
- Conducting and co-ordinating penetration tests across our IT infrastructure, applications and services, and providing subject matter expertise recommendations towards the development of appropriate pen test and remediation plans.
- Operating and managing vulnerability scanning toolsets; reviewing the output, applying analysis and triaging the risk with the business. Analysis will include identifying trends & patterns, and advising on timely and appropriate remediation approaches
- Providing clear, concise communication with key technical and non-technical stakeholders so that vulnerabilities are understood and appropriately addressed
- Tracking and ensuring remediation of vulnerabilities is met within SLA
- Supporting and reviewing vulnerability results of network asset scan, static code analysis and dynamic code analysis.
- Establishing and maintaining strong, collaborative working relationships with technology infrastructure, application, and architecture teams
What will it take to be successful as a Senior Vulnerability Analyst?
As our Senior Analyst you’ll be given accountability with some stretch to grow and build on your experience, you’ll need to be comfortable with supporting and taking the lead on activities and being a collaborative team player.
Minimum must haves:
- Experience of Infrastructure/Application support or Cyber Security
- Demonstrate knowledge of Common Vulnerabilities Exposure (CVE) and Common Vulnerability Scoring System (CVSS) industry standards
- Experience using 3rd party tools to perform vulnerability analysis and the reporting of systems (e.g. Qualys, OutPost24)
- Understanding of security principles outlined in OWASP, NIST, and similar frameworks.
Diversity and Inclusion: We're a diverse community of dedicated, innovative and talented professionals. With an inclusive and open workplace, we encourage our people to create and share ideas – supporting their growth and celebrating their uniqueness.
Flexible working: We understand the importance of achieving a healthy lifestyle balance, whether it’s working remotely or flexibly we have an environment where people are empowered to embrace flexible working in a way that works for them and for the business. We have adapted a hybrid working model here at BGLi.
We are committed to offering equal chances to you throughout our application process, so if you require any special adjustments to be made please let us know. We’ll work with you to make any appropriate arrangements.