Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Join our team to secure Bloomberg's web infrastructures against evolving threats and vulnerabilities.
- Company: Bloomberg is a leading global financial services firm dedicated to security and innovation.
- Benefits: Enjoy a diverse workplace, opportunities for growth, and the chance to work with cutting-edge technologies.
- Why this job: Make a real impact on security while collaborating with talented professionals in a dynamic environment.
- Qualifications: 5+ years in Web Security; expertise in network architectures and scripting languages like Python required.
- Other info: Bloomberg values diversity and is committed to creating an inclusive workplace.
The predicted salary is between 43200 - 72000 £ per year.
Our Team:
The Threat and Vulnerability Management Team (TVM) is dedicated to making our systems and technologies as secure as possible. We protect Bloomberg. We partner with internal technical departments to ensure the confidentiality, integrity, and availability of Bloomberg systems and the data we process. We aim to ensure that our clients see us as a trusted partner.
We report to the Chief Information Security Office (CISO) who owns the technical aspects of this mission by ensuring Bloomberg products, systems, networks and commercial applications are built and maintained with security in mind.
We work on purpose. Come find yours.
What’s The Role?
We are seeking an Information Security Professional to help ensure that our Web Infrastructures are built to defend against the latest threats. You will be responsible for analyzing and assessing vulnerabilities across a wide range of technologies. You\’ll engage with various technology partners to validate and manage identified vulnerabilities through remediation. You will work directly with other cross-department security engineering and incident response teams to set strategic direction for our enterprise Threat and Vulnerability Management program.
This is a team that drives company-wide initiatives to improve the effectiveness of Bloomberg’s security posture. Analysts in this role must show exemplary judgment in making technical decisions to achieve business goals. You\’re expected to always demonstrate resilience and navigate difficult situations with composure and tact.
We\’ll Trust You To:
-
Perform Web Security assessments and partner with other security or IT professionals to assess potential impact from vulnerabilities and determine appropriate mitigating controls.
-
Participate in the introduction of technologies to improve Threat and Vulnerability Management operations.
-
Build strong partnerships with technical teams to promote best practices for managing vulnerabilities across traditional infrastructure and in cloud environments.
-
Understand business requirements and work with business partners to define appropriate solutions to meet both security mandates and business needs.
-
Help standardize work-flows, processes, procedures and reporting.
-
Produce metrics and key performance indicators that demonstrate the effectiveness of the team’s remediation efforts.
-
Improve the design and usefulness of our IT Security management tools and solutions.
You’ll Need To Have:
-
5+ years of experience in Web Security, Operations, Engineering or Systems Management.
-
Hands-on expertise working with enterprise network architectures, operating systems, system administration or as a security engineer.
-
Knowledge of web application security and system hardening best practices; including but not limited to web frameworks, open source technologies and software development life cycle (SDLC) processes.
-
Experience working with scripting languages like Python to ingest and process data.
-
Strong understanding of web application security threats, vulnerabilities, countermeasures including the use of Defensive Headers and Transport Layer Security (TLS).
-
Strong understanding of domain name services (DNS), including threats related to the misconfiguration of DNS records.
-
Experience analyzing vulnerability findings from IT and security tools.
-
An understanding of information security standards and best practices such as OWASP, NIST, CVE, CPE and CVSS.
-
Ability to interpret complex data sets to make informed risk-based decisions.
-
Can effectively manage complex tasks, projects, and initiatives.
-
Strong written and verbal communication skills.
We\’d love to see:
-
Experience with reputational scoring services such as Bitsight, Security Scorecard or Panorays.
-
Experience using attack surface management (ASM) and attack surface discovery (ASD) solutions.
-
Experience using web application testing tools and commercial scanners (e.g; Burp Suite, Edgescan, InsightAppsec).
-
Experience using Application Programming Interfaces.
-
Understanding of virtualization and public cloud tech stacks.
-
Ability to learn and implement technologies quickly.
-
A bachelor\’s degree in Computer Science, Engineering, or other related fields.
-
One of more Information Security oriented professional certifications.
Bloomberg is an equal opportunity employer and we value diversity at our company. We do not discriminate on the basis of age, ancestry, color, gender identity or expression, genetic predisposition or carrier status, marital status, national or ethnic origin, race, religion or belief, sex, sexual orientation, sexual and other reproductive health decisions, parental or caring status, physical or mental disability, pregnancy or parental leave, protected veteran status, status as a victim of domestic violence, or any other classification protected by applicable law.
Bloomberg is a disability inclusive employer. Please let us know if you require any reasonable adjustments to be made for the recruitment process. If you would prefer to discuss this confidentially, please email
#J-18808-Ljbffr
Threat & Vulnerability Web and ASM Analyst London, GBR Posted yesterday employer: Bloomberg L.P.
Contact Detail:
Bloomberg L.P. Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Threat & Vulnerability Web and ASM Analyst London, GBR Posted yesterday
✨Tip Number 1
Familiarise yourself with the latest web security threats and vulnerabilities. Stay updated on trends in the industry by following relevant blogs, forums, and news sources. This knowledge will help you engage in meaningful conversations during interviews.
✨Tip Number 2
Network with professionals in the information security field, especially those who work in threat and vulnerability management. Attend industry conferences, webinars, or local meetups to build connections that could lead to referrals or insider information about the role.
✨Tip Number 3
Demonstrate your hands-on experience with relevant tools and technologies. If you've used web application testing tools or scripting languages like Python, be prepared to discuss specific projects or challenges you've tackled using these skills.
✨Tip Number 4
Prepare to showcase your problem-solving abilities. Think of examples where you've successfully navigated complex security issues or improved processes. Highlighting your resilience and composure in challenging situations will resonate well with the hiring team.
We think you need these skills to ace Threat & Vulnerability Web and ASM Analyst London, GBR Posted yesterday
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in web security, operations, and systems management. Emphasise your hands-on expertise with enterprise network architectures and any specific technologies mentioned in the job description.
Craft a Strong Cover Letter: In your cover letter, express your passion for information security and how your skills align with the role. Mention specific experiences that demonstrate your ability to assess vulnerabilities and work collaboratively with technical teams.
Showcase Technical Skills: Clearly outline your knowledge of web application security best practices and any experience with scripting languages like Python. Highlight your familiarity with security standards such as OWASP and NIST, as these are crucial for the role.
Prepare for Potential Questions: Anticipate questions related to your experience with vulnerability assessments and incident response. Be ready to discuss how you've managed complex tasks and projects in previous roles, showcasing your problem-solving abilities.
How to prepare for a job interview at Bloomberg L.P.
✨Showcase Your Technical Expertise
Be prepared to discuss your hands-on experience with web security, network architectures, and system administration. Highlight specific projects where you successfully identified and mitigated vulnerabilities.
✨Demonstrate Problem-Solving Skills
Expect scenario-based questions that assess your ability to navigate complex security challenges. Use examples from your past experiences to illustrate how you approached and resolved similar issues.
✨Foster Collaboration
Emphasise your ability to build strong partnerships with technical teams. Share instances where you worked collaboratively to promote best practices in vulnerability management and security assessments.
✨Communicate Clearly
Strong communication skills are essential for this role. Practice articulating complex technical concepts in a clear and concise manner, ensuring that you can effectively convey your ideas to both technical and non-technical stakeholders.
