Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead vulnerability management across cloud and on-prem environments, automating processes and collaborating with teams.
- Company: Join a global media powerhouse undergoing a major tech transformation over the next 3-5 years.
- Benefits: Enjoy flexible work with 2 days on-site, competitive salary, and opportunities for professional growth.
- Why this job: Be part of an exciting transformation, drive impactful security initiatives, and work with diverse stakeholders.
- Qualifications: Technical degree in Information Systems, experience in Vulnerability Management, and strong scripting skills required.
- Other info: We encourage applications from underrepresented groups and support accessibility needs.
The predicted salary is between 54000 - 126000 £ per year.
A global media company is looking to hire a Security Engineer - Vulnerability Management to take ownership of vulnerability remediation across a cloud and on-prem environment. This business is going through a big technology transformation programme that is estimated to take 3 -5 years. The successful candidate will drive and automate the vulnerability management programme across this business.
Duties and Responsibilities:
- Develop, implement, and maintain an automated and scalable vulnerability management program using Tenable and related tools.
- Create and enforce vulnerability management policies, scan configurations, and best practices, aligned to frameworks such as NIST or ISO 27001.
- Integrate vulnerability scanning and remediation into CI/CD pipelines and development workflows to ensure security at speed.
- Automate data collection, triage, reporting, and ticketing processes using scripting languages such as Python, Bash, PowerShell, or Go.
- Collaborate with IT, DevOps, and engineering teams to remediate identified vulnerabilities quickly and effectively.
- Scope and coordinate penetration testing activities; track remediation and risk acceptance outcomes.
- Monitor, measure, and report on vulnerability management performance, including KPIs, SLAs, and risk metrics.
Your Background:
- A technical degree in Information Systems or similar.
- Extensive experience with Vulnerability Management across both cloud and on-prem environments.
- Hands-on experience with Tenable and integration of VM tooling into CI/CD pipelines.
- Strong scripting skills using languages such as Python, Bash, PowerShell, or Go.
- Familiarity with APIs, automation workflows, and integrating with platforms like Jira, ServiceNow, or Slack.
- Ability to scope penetration tests and manage findings through to remediation.
- Strong understanding of security frameworks and standards such as ISO 27001, NIST, and CIS.
- Excellent communication, presentation, and influencing skills, with the ability to explain complex technical issues to non-technical stakeholders.
We invite individuals from underrepresented groups to apply for any of our roles and are committed to supporting accessibility needs.
If this role is of interest, hit the apply button now!
Security Engineer - Vulnerability Management employer: Spencer Rose Ltd
Contact Detail:
Spencer Rose Ltd Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Security Engineer - Vulnerability Management
✨Tip Number 1
Familiarise yourself with the specific tools mentioned in the job description, particularly Tenable. Having hands-on experience or even a solid understanding of how to implement and maintain vulnerability management programmes using this tool will set you apart from other candidates.
✨Tip Number 2
Brush up on your scripting skills, especially in Python, Bash, PowerShell, or Go. Being able to demonstrate your ability to automate processes and integrate security measures into CI/CD pipelines will be crucial for this role.
✨Tip Number 3
Understand the frameworks and standards like ISO 27001 and NIST that are relevant to the role. Being able to discuss how you've applied these frameworks in past experiences can show your depth of knowledge and commitment to security best practices.
✨Tip Number 4
Prepare to showcase your communication skills. Since you'll be collaborating with various stakeholders, being able to explain complex technical issues in simple terms is essential. Think of examples where you've successfully communicated technical information to non-technical audiences.
We think you need these skills to ace Security Engineer - Vulnerability Management
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in vulnerability management, especially with tools like Tenable. Emphasise your scripting skills and any experience with CI/CD pipelines to align with the job requirements.
Craft a Compelling Cover Letter: In your cover letter, express your passion for security engineering and detail how your background aligns with the company's transformation programme. Mention specific projects or achievements that demonstrate your ability to drive and automate vulnerability management.
Showcase Technical Skills: Clearly outline your technical skills related to vulnerability management, including your proficiency in scripting languages such as Python, Bash, PowerShell, or Go. Provide examples of how you've used these skills in past roles.
Highlight Collaboration Experience: Since the role involves working with various stakeholders, include examples of past collaborations with IT, DevOps, or engineering teams. Demonstrating your ability to communicate complex technical issues to non-technical stakeholders will strengthen your application.
How to prepare for a job interview at Spencer Rose Ltd
✨Showcase Your Technical Skills
Be prepared to discuss your hands-on experience with vulnerability management tools like Tenable. Highlight specific projects where you've integrated VM tooling into CI/CD pipelines, as this will demonstrate your practical knowledge and relevance to the role.
✨Understand Security Frameworks
Familiarise yourself with security frameworks such as ISO 27001 and NIST. Be ready to explain how you've applied these standards in previous roles, as this will show your understanding of industry best practices and your ability to align with the company's policies.
✨Communicate Effectively
Practice explaining complex technical concepts in simple terms. Since you'll be collaborating with non-technical stakeholders, being able to communicate clearly and effectively is crucial. Prepare examples of how you've done this in past experiences.
✨Demonstrate Automation Skills
Highlight your scripting skills in languages like Python, Bash, or PowerShell. Discuss any automation workflows you've created, especially those that improved efficiency in vulnerability management processes, as this aligns with the company's transformative goals.
