Vulnerability Management Architect

Vulnerability Management Architect - Product Selection and Design

5 Month Contract - Outside IR35

Hybrid - travel to Bracknell and London, Pimlico as and when required

Our Retail client is seeking a Vulnerability Management Architect to join their team on a 5-month contract basis. As a Vulnerability Management Architect, you will play a crucial role in modernising the company's vulnerability management capabilities, ensuring they can support a fast-moving business and stand as a strong pillar within their zero-trust framework.

Accountabilities:

• Explore and document our baseline vulnerability management architecture
• Capture our vulnerability management requirements and usage scenarios, captured as a set of patterns that a future solution will need to support
• Build out and evaluate the drivers and benefits for change
• Provide market assessment as appropriate, partnering with our procurement teams as needed
• Provide a validated and recommended strategy solution architecture for our vulnerability management services (i.e. this is all about explaining how the elements of the solution will work together, vendor agnostic)
• Compile vendor solution options to address the above (with cost, transition, benefit high level analysis)
• Complete high-level design for the deployment in a future year
• Scope and supporting costing of future project work for the future implementation of the proposed architecture
• Understand and gain alignment with related architecture strategies (including device management and platform strategies)
• Collaboratively working with other solution and enterprise architects to drive secure solutions (across people, process and technology)

Experience Required:

• Expert-level knowledge and experience with technical deployments of exposure / vulnerability management systems for large enterprises, across a diverse technology stack (IaaS/PaaS/SaaS/physical/mainframe/hybrid-cloud) and delivery lifecycles (Project/COTS applications, DevOps)
• Expertise with Qualys and other vulnerability and exposure management technologies
• Expertise in the full vulnerability management lifecycle
• Vendor and market analysis and engagement
• Ability to translate technical information into Risks, Threats, and Vulnerabilities for both a technical and non-technical audience
• Cloud based security (AWS/GCP), with a specialism in vulnerability management
• Self-starter, able to work in technical detail and motivate a diverse group of stakeholders to build sponsorship for significant and impactful change

Desired:

• Establishing observability platforms
• Capabilities adjacent to exposure/vulnerability management capabilities (ie cyber security asset management, attack surface management, etc)
• Pragmatic application of zero-trust philosophies
• Cloud based security (GCP, AWS and Azure)
• Pentest scoping and analysis experience
• Application security
• Threat modelling

To apply for this position please submit your CV.

Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this vacancy.