Springer Nature opens the doors to discovery for researchers, educators, clinicians and other professionals. Every day, around the globe, our imprints, books, journals, platforms and technology solutions reach millions of people. For over 175 years our brands and imprints have been a trusted source of knowledge to these communities and today, more than ever, we see it as our responsibility to ensure that fundamental knowledge can be found, verified, understood and used by our communities - enabling them to improve outcomes, make progress, and benefit the generations that follow.
Visit: group.springernature.com and follow @SpringerNatureThe Cyber Security Team is responsible for the monitoring, vulnerability management, assurance, security architecture, infrastructure, and the secure development lifecycle within Springer Nature.Vulnerability Management Analyst:
We are looking for a Vulnerability Management Analyst who has experience with vulnerability management across our company. Springer Nature's Vulnerability Management (SNVM) focuses on helping our organisation look deeper and see further into the security of the environment to help improve and embed controls across our vast state. SNVM will be responsible for evaluating evidence by combining advanced data analysis and technology tools to produce a sustainable, high quality and efficient approach to managing our ideal state of compliance.
The Vulnerability Management Analyst will be responsible for scoping, scheduling, scanning and remediating any vulnerabilities identified across Springer Nature's state.Responsibilities:
- Reviewing vulnerability telemetry data from multiple sources (i.e. external / internal penetration testing, internal / external vulnerability scanning, etc.) across multiple technologies and a changing environment including infrastructure and applications to determine risk rating of vulnerabilities to business assets.
- Improving and automating existing vulnerability management lifecycle. Including but not limited, data ingestion & normalisation, compliance metrics and detections on assets.
- Partnering with the teams to troubleshoot, develop, select, implement and automate appropriate security solutions to keep system data protected from internal and external threats.
- Providing support and resolution for scanning and vulnerability remediation reporting issues.
- Working with the business to effectively communicate the risks of identified vulnerabilities and make recommendations regarding the selection of cost-effective security controls to mitigate identified risks.
- Staying informed about the latest cyberspace vulnerabilities and attack trends.
- Providing technical support for vulnerability management projects.
- Providing analysis and validation post remediation, opportunities for improvements and out of the box thinking for optimisations and solving potential blockers.
- Performing reoccurring and on demand scanning activities of both corporate and cloud environments utilising enterprise platforms.
- Ensuring scan results are presented in appropriate dashboards, reports, and forwarded to other data systems as necessary.
- Interfacing with third-party vendors and other Springer Nature teams in the always evolving vulnerability management process.
- Performing any other relevant duties as assigned by Springer Nature's line management.
- 5+ years of demonstrable experience in Vulnerability Management.
- Technical expertise in vulnerability Management tools and frameworks.
- Extensive experience in Cyber Security with expertise in configuring and using vulnerability scanning tools, verifying found vulnerabilities, researching found vulnerability mitigation solutions, and working with varied business units to mitigate valid vulnerabilities, and creating secure images.
- Planning, scheduling, running and mitigating vulnerability and configuration scans in accordance with the relevant Springer Nature teams.
- Experience in one or more scripting languages. E.g. Perl, Python, Shell Scripting etc.
- Knowledge of high level programming languages is a bonus.
- Prior experience with reverse engineering, malware analysis and forensic tools is a bonus.
- Good understanding of Ethernet, switched LAN and WAN environment and detailed
- understanding of layer 3 and layer 4 specifications, including IP, TCP, TCP/IP routing protocols
- and management of ACLs.
- Knowledge of logical / physical access control methods, connections alternatives usingprivate, public and wireless solutions, Network/Host Intrusion Detection Engines, Vulnerability Management Tools, Patch Management Tools, Penetration Testing Tools, Anti-Virus/Anti- Spyware solutions.
- Good interpersonal skills.
- Good communicator.
- Able to operate at an advanced level of written and spoken communication.
- Self-motivated, adaptable and effective team player.
In addition, we offer:
- Computer Science degree.
- Cyber Security related certification.
- Food allowance, 7,63 EUR per working day via meal card
- 10% time, or 'hack day'
- Access to LinkedIn Learning via our internal learning and development platform
- Free access to all SN Publications
- Private health insurance for you and your partner and children if applicable - Medis TOP + serious illnesses
- Personal accidents insurance for you
- Possibility of 4 days per week working from home
- Mobile device
- Travel costs for commute card up to max. 40 per month
At Springer Nature we value the diversity of our teams. We recognize the many benefits of a diverse workforce with equitable opportunities for everyone. We strive for an inclusive workplace that empowers all our colleagues to thrive. Our search for the best talent fully encompasses and embraces these values and principles.
Visit the Springer Nature Editorial and Publishing website at for more information about our Research E&P career opportunities.