At a Glance
- Tasks: Lead the charge in identifying and remediating cyber vulnerabilities to protect our systems.
- Company: Join Iress, a leading tech company transforming financial services globally.
- Benefits: Enjoy 25 days annual leave, flexible work, and a free on-site gym.
- Other info: Be part of a diverse and inclusive culture that values your uniqueness.
- Why this job: Make a real impact in cybersecurity while collaborating with global teams.
- Qualifications: Experience in security management and strong communication skills are essential.
The predicted salary is between 60000 - 80000 £ per year.
See yourself being part of a large, transformational change? This could be the role for you! At Iress, we make things happen. We believe technology should help people perform better every day. Since our beginning in 1993, people across financial services have trusted us to take their performance to the next level. More than 10,000 businesses and 500,000 people use our software, from the world’s most iconic financial services brands to advice firms of all sizes, banks, insurers, investment managers, traders and brokers. Iress is one of Australia’s largest technology companies and employs more than 1,100 people across Australia, The United Kingdom, Africa, Canada, New Zealand and Asia.
Role Purpose: Reporting to the Head of Application Security, you will be responsible for the day-to-day operation and continuous improvement of Iress’s Vulnerability Management program. Your goal is to ensure that security risks within our global infrastructure and applications are identified, analysed, and most importantly remediated. You will act as the vital link between our automated security tools and the Engineering teams who implement the fixes.
- Lead expert investigations into cyber vulnerabilities.
- Partner with business units to prioritise and agree on fast, effective remediation that hits our security KPIs.
- Direct the analysis of security risks and present clear, actionable solutions to the CISO and senior stakeholders to keep Iress systems resilient.
- Take ownership of emerging threats by translating their potential impact into robust security strategies that strengthen our global defenses.
- Analyse and challenge security data to ensure our leadership receives an accurate picture of emerging risks.
- Mentor and guide Engineering teams, ensuring they have the support and knowledge to follow world-class security procedures.
- Lead cross-functional efforts to track new threats and build mitigation strategies before they can impact the business.
Core Skills, Knowledge and Attributes: The ideal candidate would be able to demonstrate skills or experience aligned to the following criteria:
- Communication: Clearly explain complex risks to both technical and non-technical stakeholders. Use your expertise to provide actionable recommendations that drive risk-based decisions.
- Infrastructure Experience: Proven experience managing security across cloud, hybrid, and on-premises environments. You should have a strong grasp of cloud-hosted security principles.
- Vulnerability Assessment: Strong knowledge of the tools and methods used to assess large, complex IT infrastructures.
- Threat Analysis: Skilled at analysing new cybersecurity threats and developing practical mitigation strategies.
- Global Collaboration: Ability to work effectively with colleagues across different functions and time zones, including our Australian teams.
- Strategic Insights: Use your insight into threat actor behaviour and capabilities to enrich our security data. You will help prioritise remediation across multiple systems based on potential impact.
Accountabilities & Deliverables:
- Produce regular, accurate vulnerability heatmaps and progress reports for the Head of AppSec.
- Provide Engineering teams with "clean," prioritised lists of vulnerabilities to ensure their time is spent on high-impact fixes.
- Assist in the drafting and updating of vulnerability management standards and remediation SLAs.
- Track and report on remediation timelines to ensure risks are closed within agreed windows.
Key Relationships:
- InfoSec Heads (Application Security, Security Engineering, Security Operations and Global Risk & Compliance)
- Chief Information Security Officer
- Chief Technology Officer
- Business Unit Heads of Engineering (Group, Trading & Market Data, Sourcing and Wealth)
Why work with us?
- 8 paid days per year to extend your weekends + 25 days annual leave
- State-of-the-art offices
- Free on-site gym in our Cheltenham office open 24/7
- New Short-Term Incentive and Recognition program
- Casual dress, flexible work policy
- Access to learning and development programs through LinkedIn Learning
- 3 days’ leave per year for charity initiatives
- Starting school leave - 8.5 days of leave to assist your kids with the transition to school
- Life Insurance & Private Medical
- Up to 26 weeks’ paid parental leave for primary carers (up to 4 weeks for secondary carers), and the ability to work part-time when returning to work
Iress is committed to fostering a welcoming and inclusive culture. We strongly believe that diversity is what makes our teams and our products succeed. Our people have different experiences, skills, perspectives and beliefs and everyone’s uniqueness is valued and celebrated. Our hiring decisions are never based on sexual orientation, race, gender identity, religion, disability, citizenship, marital or family status and age. Even if you feel you don’t meet all of the requirements of the role, we would still like to hear from you! We’re also proud to be globally recognised as a WORK180 Endorsed Employer that promotes and supports all women in the workplace.
Vulnerability Manager in Cheltenham employer: Iress
Iress is an exceptional employer that prioritises employee well-being and professional growth, offering a vibrant work culture in its Cheltenham office. With benefits like 25 days of annual leave, flexible working policies, and access to state-of-the-art facilities, Iress fosters an inclusive environment where diverse talents thrive. Employees are encouraged to develop their skills through learning programmes and enjoy generous parental leave, making it a rewarding place to build a meaningful career in technology.
StudySmarter Expert Advice🤫
We think this is how you could land Vulnerability Manager in Cheltenham
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend meetups, and connect with Iress employees on LinkedIn. A friendly chat can sometimes lead to opportunities that aren’t even advertised!
✨Tip Number 2
Prepare for interviews by researching Iress and its culture. Understand their values and how they approach vulnerability management. This will help you tailor your answers and show you’re genuinely interested in being part of their team.
✨Tip Number 3
Practice your communication skills! You’ll need to explain complex security risks clearly. Try explaining a technical concept to a friend who isn’t in tech – if they get it, you’re on the right track!
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen. Plus, it shows you’re serious about joining Iress and ready to make an impact in vulnerability management.
We think you need these skills to ace Vulnerability Manager in Cheltenham
Some tips for your application 🫡
Tailor Your CV:Make sure your CV speaks directly to the role of Vulnerability Manager. Highlight your experience with vulnerability assessments and threat analysis, and don’t forget to mention any relevant tools you’ve used!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you’re passionate about cybersecurity and how your skills align with Iress’s mission. Keep it concise but impactful!
Showcase Your Communication Skills:Since you'll be explaining complex risks to various stakeholders, make sure your application reflects your ability to communicate clearly. Use straightforward language and examples that demonstrate your expertise.
Apply Through Our Website:We encourage you to apply through our website for the best chance of being noticed. It’s super easy, and you’ll find all the details you need right there. Don’t miss out on this opportunity!
How to prepare for a job interview at Iress
✨Know Your Vulnerabilities
Before the interview, brush up on the latest trends in vulnerability management and cybersecurity threats. Familiarise yourself with common tools and methods used in the industry, as well as Iress's specific approach to vulnerability management. This will help you speak confidently about your expertise and how it aligns with their needs.
✨Communicate Clearly
Practice explaining complex security concepts in simple terms. Since you'll need to communicate with both technical and non-technical stakeholders, being able to articulate risks and solutions clearly is crucial. Consider using examples from your past experiences to illustrate your points effectively.
✨Showcase Collaboration Skills
Iress values global collaboration, so be prepared to discuss how you've worked with cross-functional teams in the past. Highlight any experiences where you successfully partnered with different departments to address security issues or implement solutions, demonstrating your ability to work effectively across various functions.
✨Prepare for Scenario Questions
Anticipate scenario-based questions that may test your problem-solving skills in real-world situations. Think about how you would handle emerging threats or prioritise vulnerabilities based on potential impact. Practising these scenarios can help you respond confidently and showcase your strategic insights during the interview.
