Technical Manager-Vulnerability Management

Thorpe St Andrew
11 Nov 2017
16 Nov 2017
Contract Type
Full Time
Role: Technical Manager-Vulnerability Management Job type: Permanent Location: Norwich, UK Expected salary: Job description: The security of our Client's IT environments is critical ensuring thesafety of our client customer data. Cyber criminals are looking toexploit weaknesses in security systems to steal or maliciously impactthe data contained within our client systems. This role exists to operate and improve our client's VulnerabilityManagement via the delivery of a Global Vulnerability Managementservice. This role takes personal accountability during Major VulnerabilityIncidents and is accountable for ensuring resolution of Critical andPriority patching. The demands of this role are such that disruption24x7 can be expected, demanding high degrees of flexibility andresilience. The scope of the role is to support all our client's geographies andbusiness units. Role Purpose: To build and operate a Global Vulnerability Management area tosupport all CIO teams and suppliers with vulnerability resolution and patching. The development of Vulnerability management strategy andimplementation of systems and processes to ensure swift resolution ofidentified vulnerabilities. Central ownership of Vulnerability incidents and resolution plans/activities. Chair of the TVSG Key aspects of role: ACCOUNTABILITIES / OUTPUTS Accountability for managing the Vulnerability Management team Direct management of Operational Costs Lead supplier management activities within the team Develop clear strategy and roadmap in-line with Service Improvement programs Drive operational efficiencies through the exploitation of technology Provide excellent levels of leadership for both internal and partner resources. Drive exceptional levels of service security through regular patchingand maintenance To be a highly experienced problem solver who is confident inmanaging multiple teams/suppliers to achieve resolution of incidents. Success factors All patches applied globally in lines with control BUP-C-143. All suppliers globally meeting or exceeding our client's patching requirements. All vulnerability incidents resolved within the timelinescommunicated via the CISO triage process. Development and ongoing maintenance of a central patch repository todetail the latest patch level for all commonly used software. Effective risk and control frameworks that minimise risk exposuresand resolve issues swiftly. Provide executive updates on patching and incidents No vulnerabilities older than 6 months which have treatment plans. Reducing vulnerability numbers IT SLAs and controls Service Risk Supplier spend and SLAs QUALIFICATIONS ITIL Foundation, or relevant experience SKILLS/KNOWLEDGE Supplier Management Working and engaging at a senior executive level Security patching and maintenance Monitoring technologies and software Application Development Lifecycle Service Management experience Business orientation, able to translate IT into business terms Ability to influence others effectively to achieve the required outcome Strong problem solving abilities Ability to work in a time-pressured environment EXPERIENCE IT Service Management ITIL Previous experience of delivering and managing patching andmaintenance of IT systems Data manipulation experience Previous Service Management (Incident, Problem, Change, EventManagement) experience. Relevant financial services industry experience Working with and managing outsourced IT services and suppliers Strong IT Infrastructure knowledge - provided by Dice ITIL, SERVICE MANAGEMENT, SLA, SUPPLIER MANAGEMENT, SWIFT