At a Glance
- Tasks: Lead vulnerability management and enhance cyber defence capabilities in a dynamic team.
- Company: Join a well-established security function within the Intellectual Property Office.
- Benefits: Enjoy competitive salary, hybrid working, and unlimited access to learning resources.
- Other info: Great career progression opportunities and a collaborative work culture await you.
- Why this job: Make a real impact on cybersecurity while developing your skills in a supportive environment.
- Qualifications: Experience in vulnerability management and excellent communication skills are essential.
The predicted salary is between 47766 - 47766 € per year.
This role is for an experienced professional in vulnerability management and threat intelligence to join our Cyber Operations team. You will work closely with colleagues across the organisation to further mature and continuously improve our cyber defence capabilities. Cyber Operations forms part of a wider, well established security function operating within a highly regulated environment.
In this role, you will lead and continuously enhance the management of vulnerability assessments across our hybrid IT estate. You will prioritise remediation activities using a risk based, threat informed approach, collaborating with stakeholders to strengthen the security posture of our systems and services. You will also develop and mature our threat intelligence capability, identifying and maintaining relevant intelligence sources to inform tactical, operational, and strategic decision making. You will produce and share high quality threat intelligence products with internal and external stakeholders and use this intelligence to support vulnerability management and threat hunting activities. Additionally, you will contribute to incident response processes and provide support to colleagues responsible for the IPO's protection, detection, and response capabilities.
Main duties consist of but are not limited to:
- Vulnerability Management (Primary Focus)
- Lead and enhance the organisation's vulnerability management programme, including our Penetration Testing programme across a complex hybrid IT environment covering both infrastructure and applications.
- Prioritise vulnerabilities using a risk-based, threat-informed approach to support organisational objectives, regulatory requirements, and audit needs.
- Oversee the full lifecycle of vulnerabilities, including triage, mitigation planning, remediation recommendations, and stakeholder coordination.
- Develop and maintain vulnerability management policies, procedures, standards, and best practice guidance.
- Threat Intelligence
- Produce high quality tactical, operational, and strategic intelligence assessments and briefings using analysis and interpretation of current threat intelligence.
- Utilising and liaising with internal stakeholders, commercial sources, open-source intelligence and government partners to provide a rounded, comprehensive view of the current threat landscape.
- Lead initiatives to strengthen the organisation's intelligence capability and participate in information sharing communities.
- Cyber Risk Management
- Conduct risk and threat assessments aligned with regulations.
- Provide pragmatic and proportionate advice and best practice guidance.
- Metrics & Reporting
- Develop and maintain actionable metrics that demonstrate the effectiveness of the organisation's vulnerability management and threat intelligence capabilities.
- Incident Response Support
- Contribute to and enhance our incident response processes, representing Cyber Security in operational incident calls.
Person specification
Essential Technical
- Strong understanding and experience of vulnerability management, threat intelligence and security operations within a complex enterprise environment.
- Experience of managing and developing penetration testing programs.
- Knowledge of secure development practices and where security testing for vulnerabilities fits into the Software Development Lifecycle (SDLC).
- Broad technical knowledge, especially around hybrid and cloud architectures, identity management and application security.
Essential Experience
- Highly organised and self-motivated, able to manage and deliver on multiple concurrent tasks.
- Excellent communication and interpersonal skills.
- Ability to interact with stakeholders of all levels with the ability to explain complex security concepts to non-technical audiences.
- A team player who is enthusiastic about contributing to the overall success of the team and collaborating with stakeholders of all levels.
- Sense of urgency and an ability to respond to tasks proactively and promptly.
- Continually stay abreast of emerging security technologies, threats and trends.
- Self-motivated to drive their learning needs.
How to Apply
Click the 'Apply now' button and complete the application form by providing the following:
- Your CV - Upload an anonymised copy of your current CV.
- 500-word Personal Statement - Use this to explain why you're suitable for the role.
- Technical - Provide a 250-word example that demonstrates your technical ability: Penetration testing (focused on managing penetration testing programs rather than conducting the tests yourself).
Benefits
- Alongside your salary, the Intellectual Property Office contributes towards you being a member of the Civil Service Defined Benefit Pension scheme.
- Unlimited Pluralsight video learning access.
- Access to Microsoft's ESI training suite.
- Hybrid working with no core hours.
- Substantial support for career progression.
- 25 days annual leave moving to 30 days in annual increments.
- 8 days public leave and 1 day privilege leave.
Things you need to know
- Successful candidates must pass a disclosure and barring security check.
- Individuals will need to have lived in the UK for a sufficient period of time to enable appropriate checks to be carried out.
- Only one application per candidate is permitted for each recruitment campaign.
Threat and Vulnerability Manager - Newport in Oakdale employer: Intellectual Property Office
The Intellectual Property Office (IPO) is an exceptional employer, offering a dynamic work environment in Newport that fosters collaboration and innovation within the Cyber Operations team. With a strong commitment to employee growth, the IPO provides substantial support for career progression, unlimited access to learning resources, and a flexible hybrid working model that promotes work-life balance. Employees enjoy generous leave entitlements and a comprehensive pension scheme, making it a rewarding place to build a meaningful career in cybersecurity.
Contact Detail:
Intellectual Property Office Recruiting Team
StudySmarter Expert Advice🤫
We think this is how you could land Threat and Vulnerability Manager - Newport in Oakdale
✨Tip Number 1
Network like a pro! Reach out to your connections in the cyber security field, especially those who work at the IPO or similar organisations. A friendly chat can lead to insider info about the role and even a referral!
✨Tip Number 2
Prepare for the interview by brushing up on your technical skills. Make sure you can discuss your experience with vulnerability management and threat intelligence confidently. We want to see how you can apply your knowledge in real-world scenarios!
✨Tip Number 3
Show off your communication skills! Practice explaining complex security concepts in simple terms. This will help you connect with non-technical stakeholders during the interview and demonstrate your ability to collaborate effectively.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen. Plus, it shows you’re serious about joining our team and contributing to our cyber defence capabilities.
We think you need these skills to ace Threat and Vulnerability Manager - Newport in Oakdale
Some tips for your application 🫡
Tailor Your CV:Make sure your CV is tailored to highlight how your experience aligns with the essential criteria in the job description. We want to see clear examples of your skills in vulnerability management and threat intelligence!
Craft a Compelling Personal Statement:Your 500-word personal statement is your chance to shine! Structure it around the essential criteria and provide specific examples that demonstrate your suitability for the role. Remember, we love a good story!
Show Off Your Technical Skills:In your technical example, focus on your experience managing penetration testing programmes. Keep it concise at 250 words and ensure it aligns with the technical criteria listed in the person specification. We’re keen to see your expertise!
Apply Through Our Website:Don’t forget to apply through our website! It’s the best way to ensure your application gets to us directly. Plus, it makes the whole process smoother for everyone involved.
How to prepare for a job interview at Intellectual Property Office
✨Know Your Stuff
Make sure you brush up on your knowledge of vulnerability management and threat intelligence. Be ready to discuss specific tools and methodologies you've used in the past, especially in relation to penetration testing programmes. This will show that you’re not just familiar with the concepts but have practical experience.
✨Communicate Clearly
Since this role involves liaising with various stakeholders, practice explaining complex security concepts in simple terms. Use examples from your past experiences to illustrate your points. This will demonstrate your excellent communication skills and ability to engage with non-technical audiences.
✨Show Your Collaborative Spirit
Prepare to discuss how you've worked with teams in the past to enhance security measures. Highlight any instances where you’ve led initiatives or contributed to group projects. This will showcase your team player attitude and enthusiasm for collaboration, which is key for this role.
✨Be Ready for Technical Questions
Expect technical questions related to managing penetration testing programmes. Prepare a concise 250-word example that highlights your technical abilities in this area. This will help you stand out as a candidate who not only understands the theory but can also apply it effectively.
