Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead vulnerability management and threat assessment in a dynamic retail tech environment.
- Company: Join Next, a leading FTSE-100 retail company with a vibrant culture.
- Benefits: Enjoy discounts, bonuses, and wellness perks while working in a supportive environment.
- Why this job: Make a real impact on security while developing your skills in a fast-paced industry.
- Qualifications: Experience in vulnerability management and a solid understanding of information security.
- Other info: Mentorship opportunities and excellent career growth await you!
The predicted salary is between 42000 - 84000 ÂŁ per year.
About the Role: Working in the Information Security team you will focus on Vulnerability and Threat Management across the Next technology estate, with a particular focus on our Warehouse environment and the technology utilised within it to help maintain an awareness of new and emerging security threats and trends.
As a Senior Vulnerability Management Engineer you will:
- Identify, assess, validate and communicate new vulnerabilities across the technical teams, ensuring the vulnerability management process is followed.
- Work with other IT teams to provide guidance and recommend mitigation strategies for vulnerabilities.
- Help manage and configure vulnerability scanning and reporting tools, and administer Next’s Bug Bounty programme.
- Create reporting to summarise findings and recommendations for a variety of audiences.
- Lead the review of incoming threat intelligence, assess relevance and severity, and provide reports to senior stakeholders.
- Collaborate with Incident Response and Engineering to identify threat actors’ tactics and techniques; propose and support countermeasures.
- Mentor more inexperienced team members and coordinate efforts to mitigate significant threats or vulnerabilities.
- Participate in shift rota and attend the Enderby Head Office in Leicester monthly.
Key Responsibilities
- Manage and maintain vulnerability scanning and risk reporting tools.
- Lead planning, estimation, scoping and delivery of key projects, ensuring clear communication of progress.
- Complete security assessments and debrief key stakeholders on any apparent risks.
- Support remediation teams with remediation strategies and triage, risk assessment, logging and assignment of vulnerabilities.
- Assist Incident Response team with investigation and resolution of security incidents when required.
- Create and maintain operational procedures, configuration and technical documentation to a high standard.
- Manage and maintain metrics and reporting to demonstrate the effectiveness of the vulnerability management programme.
- Serve as subject‑matter expert for the Vulnerability Management team and coordinate efforts during emergency remediation or mitigation.
- Maintain awareness of new and emerging security threats and trends; test/validate threat intelligence findings against our people, processes and technologies.
- Review threat intelligence and advise on recommended mitigation strategies.
- Act as a mentor for junior members of the Vulnerability Management team.
About you
- Experience managing and maintaining a Vulnerability Management tool.
- In‑depth understanding of Information Security including malware, emerging threats, attacks and vulnerability management.
- Proven Information Technology experience with a strong understanding of network protocols and server infrastructure, including network segmentation.
- Experience with Windows Server and/or Linux.
- Ability to take a lead role in coordinating the timely diagnosis and resolution of major issues.
- Adheres to and promotes high standards of work.
- Understands and operates change management.
- A team player who is hardworking and self‑motivated.
- Possesses an inquisitive and proactive approach to identifying security gaps.
- Ability to plan and prioritise workloads, and to measure and report on current progress.
- Ability to remain calm under pressure and communicate clearly to all levels of management.
- Excellent attention to detail.
- Understanding of vulnerability and threat assessment frameworks such as CVSS, CVE, CWE, OWASP, MITRE.
- Operational Technology (OT) management experience in vulnerability scanning.
- Competent at keeping up to date on cyber threat intelligence (CTI).
Desirable
- Experience with security or compliance standards such as PCI‑DSS or ISO27001.
- Understanding and experience working for a Retail company.
- Foundational understanding of cloud‑based infrastructure.
- Relevant industry‑recognised security qualification.
- Understanding of DevOps architecture and code scanning.
- Offensive security experience.
- Experience managing SCADA/PLC systems and controlling warehouse equipment.
- Experience managing a Threat Intelligence Platform (TIP).
- Experience with Custom AI usage.
About Us
Next is a FTSE‑100 retail company employing over 35,000 people across the UK and Ireland. We’re the UK’s 2nd largest fashion retailer and, for kidswear, we’re the market leader. We operate over 500 stores as well as the Next Online, and we have expanded to more than 70 countries worldwide.
We aim to support all candidates during the application process and are happy to provide workplace adjustments when necessary. If you need support with your application due to a disability or long‑term condition, please contact us by email at headoffice_careers@next.co.uk (include “Workplace Adjustments” in the subject line) or call 0116 284 2486.
#J-18808-Ljbffr
Senior Vulnerability Management Engineer employer: Next
Contact Detail:
Next Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Senior Vulnerability Management Engineer
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend meetups, and connect with people on LinkedIn. You never know who might have the inside scoop on job openings or can put in a good word for you.
✨Tip Number 2
Prepare for interviews by practising common questions and scenarios related to vulnerability management. We recommend doing mock interviews with friends or using online platforms to get comfortable with your responses.
✨Tip Number 3
Showcase your skills! Create a portfolio or a personal project that highlights your expertise in vulnerability management. This can really set you apart from other candidates and give you something tangible to discuss in interviews.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, it shows you’re genuinely interested in joining our team at Next.
We think you need these skills to ace Senior Vulnerability Management Engineer
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Senior Vulnerability Management Engineer role. Highlight your experience with vulnerability management tools and any relevant security frameworks like MITRE. We want to see how your skills match what we're looking for!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about vulnerability management and how your background makes you a great fit for our team. Keep it engaging and personal – we love to see your personality come through!
Showcase Your Achievements: When detailing your experience, focus on specific achievements rather than just listing duties. Did you lead a successful project or implement a new tool? Share those wins! We’re keen to see how you've made an impact in your previous roles.
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way to ensure your application gets into the right hands. Plus, it shows us that you’re genuinely interested in joining our team at Next!
How to prepare for a job interview at Next
✨Know Your Vulnerabilities
Before the interview, brush up on your knowledge of vulnerability management tools and frameworks like MITRE. Be ready to discuss how you've used these in past roles, as this will show your expertise and relevance to the position.
✨Showcase Your Communication Skills
As a Senior Vulnerability Management Engineer, you'll need to communicate complex security issues to various stakeholders. Prepare examples of how you've effectively communicated findings or recommendations in previous roles, highlighting your ability to tailor your message to different audiences.
✨Demonstrate Proactive Problem-Solving
Think of specific instances where you identified security gaps and took initiative to address them. Be prepared to discuss your thought process and the impact of your actions, as this will demonstrate your proactive approach to vulnerability management.
✨Prepare for Scenario-Based Questions
Expect scenario-based questions that assess your ability to handle real-world security incidents. Practice articulating your response to potential threats or vulnerabilities, focusing on your assessment, mitigation strategies, and collaboration with other teams.
