At a Glance
- Tasks: Lead vulnerability management efforts using tools like Qualys to enhance cyber security.
- Company: Join a forward-thinking organisation focused on reducing cyber risk.
- Benefits: Competitive day rate, hybrid work model, and a six-month contract.
- Other info: Collaborative environment with opportunities for professional growth.
- Why this job: Make a real difference in cyber security while developing your expertise.
- Qualifications: Experience with vulnerability management tools and strong understanding of cyber security principles.
Harvey Nash's Client have a requirement for a Vulnerability Management Subject Matter Expert (SME). You will be responsible for the design, delivery, and continuous improvement of the organisation's vulnerability management service for End User Compute devices. The role focuses on utilising tools such as Qualys to identify, assess, prioritise, and support the remediation of vulnerabilities across infrastructure, endpoints, and cloud environments. The SME ensures that vulnerabilities are effectively managed in line with organisational risk appetite and security standards, supporting a proactive approach to reducing cyber risk. This includes maintaining accurate vulnerability data, driving remediation activities, and ensuring alignment with governance, compliance, and audit requirements across the organisation.
Key Accountabilities
- Deliver and support vulnerability management capabilities using Qualys, including asset discovery, vulnerability scanning, and risk prioritisation.
- Analyse and interpret End User Compute vulnerability data, providing actionable insights and remediation recommendations.
- Collaborate with endpoint management and application management SMEs to action remediation activities.
- Monitor and report on vulnerability posture, risk exposure, and remediation performance across the organisation.
- Develop and maintain automation and reporting capabilities to improve efficiency and visibility of vulnerability management activities.
- Collaborate with cyber security, risk, and service management teams to ensure alignment with governance, compliance, and risk frameworks.
Skills, Knowledge & Experience
Essential
- Proven experience operating vulnerability management tools (e.g. Qualys) in an enterprise environment.
- Strong understanding of vulnerability management lifecycle, including scanning, prioritisation, and remediation.
- Knowledge of common security vulnerabilities, risk scoring (e.g. CVSS), and remediation approaches.
- Experience working with endpoint management tools like Intune and SCCM to support vulnerability remediation.
- Understanding of cyber security principles, risk management, and ITIL-based service management practices.
Desirable
- Experience integrating vulnerability management tools with enterprise platforms (e.g. ServiceNow).
- Familiarity with cloud environments (e.g. Azure) and associated security considerations.
- Knowledge of patch management processes and tools.
- Scripting or automation experience (e.g. PowerShell, Python).
- Experience supporting audit, compliance, or regulatory requirements.
Vulnerability Management SME in Havant employer: Harvey Nash Group
At Harvey Nash, we pride ourselves on being an exceptional employer, offering a dynamic work culture that fosters collaboration and innovation. Our Havant location provides a hybrid working model, allowing for flexibility while ensuring our Vulnerability Management SMEs have access to cutting-edge tools and resources. We are committed to employee growth, providing opportunities for continuous learning and development in the ever-evolving field of cyber security, making us an ideal choice for those seeking meaningful and rewarding employment.
