Vulnerability & Threat SME (SC Clearance)

Active SC is required.

Key Responsibilities

1. Drive day-to-day vulnerability scanning, triage, reporting, and remediation tracking across multiple business units.
2. Serve as the subject matter expert for vulnerability management, contextualising scan results using threat intelligence and business risk.
3. Combine vulnerability data with active threat intelligence to prioritise critical exposures and reduce real-world risk.
4. Work closely with IT Operations, infrastructure teams, and resolver groups to accelerate patching and explain business impact.
5. Guide vulnerability analysts, improve operational processes, and help transition the function from reactive response to proactive risk reduction.

Key Requirements

1. Strong hands-on expertise in enterprise vulnerability management within large, complex environments.
2. Proven experience with tools such as Tenable, Qualys, or Rapid7, and ability to translate scan output into actionable remediation plans.
3. Demonstrated ability to merge CVE data and threat intelligence to drive risk-based prioritisation.
4. Experience guiding analysts or leading operational cyber teams with accountability for performance.
5. Ability to bridge technical security issues with IT and business stakeholders, driving ownership and faster remediation.