Roles
Starling Bank
Information Security Lead - Vulnerability Management
Explore roles
This role has expired
Starling Bank
Information Security Lead - Vulnerability Management
London
Hybrid
Description
Hybrid requirements: This role has flexible working patterns.
We are seeking a highly motivated and experienced Vulnerability Manager to lead a growing vulnerability management team. A successful candidate will work with the team to analyse emerging vulnerabilities provided by threat intelligence sources and penetration testing. The vulnerability manager will collaborate with various technology and engineering teams to share vulnerability findings, provide guidance, and assist through the remediation process. This person will help present this information in a simple digestible format, and coordinate remediation and mitigation efforts with teams across remote and office locations. There will be opportunities to guide continual improvement of the vulnerability management process.
Responsibilities
Lead a team of information security professionals to:
Assess, investigate and provide guidance on emerging vulnerabilities, incorporating information from threat intelligence sources, internal software and infrastructure scans.
Collate and prioritise applicable vulnerabilities based on Starling Bank’s environmental factors and risk frameworks
Collaborate with relevant technology (security, engineering, workplace technology, data, infrastructure) teams to ensure resolution of findings within agreed timeframes.
Track and report on progress of mitigations/resolutions to relevant audiences
Identify trends and themes in issues which occur and work collaboratively with wider teams to develop process and procedure improvements.
Understand the assets and/or applications at risk from a vulnerability and be able to articulate the potential threat to the Bank in a way anyone in the business could understand.
Alignment of risk assessment approach for vulnerabilities to the Bank’s risk appetite, operational and information risk frameworks.
Promote vulnerability management standards, procedures & guidelines, and best practices outside the security functions.
Drive continuous improvement of the vulnerability management approach to ensure prioritisation of tasks is continually effective and mitigating risk to the Bank ongoing.
Contribute to the development and enhancement of the Bank’s information risk framework.
Requirements
Experience in a similar role leading, developing and motivating a team of subject matter experts
Strong written and verbal communication skills to effectively collaborate with cross-functional teams and stakeholders
Capability to understand the bigger picture while effectively managing details
Ability and willingness to learn new technologies and adapt to evolving security landscapes
Practical experience in Vulnerability Management fields, including:
Endpoint Vulnerability Scanning
Vulnerability Intelligence
AppSec Vulnerability Management
Vulnerability Management of cloud native workloads
External Attack Surface Management
Technical knowledge in the following areas is desirable:
Cloud (AWS, GCP)
Containers
MacOS and Windows
Data analysis and SQL
Role tech stack
Starling Bank
Information Security Lead - Vulnerability Management
London
This role has expired