At a Glance
- Tasks: Analyse vulnerabilities and collaborate with teams to enhance security across a large enterprise.
- Company: Join a leading tech company focused on innovative security solutions.
- Benefits: Competitive pay, flexible work options, and potential for long-term engagement.
- Other info: Dynamic role with opportunities for professional growth and skill development.
- Why this job: Make a real impact in cybersecurity while working with cutting-edge technologies.
- Qualifications: Experience in penetration testing or offensive security, strong Linux and scripting skills.
The predicted salary is between 60000 - 80000 £ per year.
We're supporting one of the world's leading technology companies in hiring a contractor to join their Information Security Assurance team. This is an excellent opportunity for someone with a background in penetration testing or offensive security who enjoys understanding how vulnerabilities work and helping engineering teams reduce security risk at scale. Rather than carrying out traditional penetration testing engagements, you'll analyse newly disclosed vulnerabilities, assess their potential impact across a large enterprise environment and work with internal stakeholders to drive remediation.
Responsibilities
- Analyse newly published CVEs and security advisories to understand technical impact and exploitability.
- Assess the potential impact of vulnerabilities across enterprise infrastructure and systems.
- Identify affected assets using internal tooling and vulnerability data sources.
- Work closely with engineering and system owners to prioritise and coordinate remediation activities.
- Write Python, Bash or similar scripts to automate repetitive analysis and operational tasks.
- Produce clear technical documentation, vulnerability assessments and remediation guidance.
- Support ongoing improvements to vulnerability management processes.
About you
You’ll ideally have experience in a technical security role such as Penetration Testing, Offensive Security, Application Security or Vulnerability Management, together with:
- Hands-on experience in penetration testing or offensive security.
- Good understanding of how vulnerabilities are discovered, exploited and remediated.
- Strong Linux knowledge and confidence working from the command line.
- Scripting experience using Python, Bash or similar.
- Familiarity with CVE, CVSS, NVD and common vulnerability management practices.
- A methodical approach to analysing technical risk and prioritising remediation.
- Strong communication skills with the ability to explain technical issues to non-security stakeholders.
Desirable
Experience with one or more of the following would be beneficial:
- Vulnerability management platforms (Tenable, Qualys, Rapid7, Microsoft Defender VM or similar).
- OWASP Top 10.
- Security automation.
- Enterprise vulnerability management.
- Cloud infrastructure security.
- Relevant certifications such as OSCP, CREST CRT, GPEN or similar.
Technical Vulnerability Management Engineer employer: PCR Digital
Pcr Digital is an exceptional employer that fosters a collaborative and innovative work culture, particularly in the vibrant city of London. Employees benefit from competitive compensation, opportunities for professional growth, and the chance to work on cutting-edge technology in the broadcast media sector. With a focus on teamwork and leadership development, Pcr Digital empowers its engineers to excel and make a meaningful impact in their roles.
StudySmarter Expert Advice🤫
We think this is how you could land Technical Vulnerability Management Engineer
✨Get Active on Cybersecurity Forums
Join platforms like Stack Exchange and Reddit’s r/cybersecurity to hang out with industry pros, learn the latest, and share your insights. This will not only boost your visibility but also help you connect with potential clients who might need your freelance services.
✨Show Off Your Skills with Public Projects
Create a few open-source projects or contribute to existing ones that showcase your cybersecurity skills. Use GitHub to display your work, as this is an excellent way to attract clients looking for freelancers with a proven track record.
✨Attend Local Conferences and Meetups
Make sure to hit up cybersecurity meetups, workshops, and conferences in your area. These events are goldmines for networking, and you’ll often find people looking for freelancers after a chat over a coffee – so come prepared with your business cards and a killer elevator pitch!
✨Market Yourself Smartly
Set up a professional website that showcases your portfolio, expertise, and client testimonials. Optimise it for SEO with relevant keywords so potential clients searching for cybersecurity freelancers can easily find you. Don’t forget to link to your site on all your social media and profiles!
We think you need these skills to ace Technical Vulnerability Management Engineer
Some tips for your application 🫡
Show Your Skills Through a Strong Portfolio:Since you're applying for a freelance role in cybersecurity, it's crucial to showcase your technical skills through a detailed portfolio. Include case studies of projects you've worked on, any security tools you've developed or assessed, and specifics on the methodologies you’ve used. This will help PCR Digital understand what you're capable of.
Certifications Matter!:Make sure to list any relevant certifications you hold, such as CISSP, CEH, or CompTIA Security+. Freelance clients often value these credentials as they reflect your expertise and commitment to the field. If you’re actively pursuing more certifications, don’t hesitate to mention that too!
Rates, Availability, and Your Work Style:In your application, it’s essential to be clear about your freelance rates and availability. Clients appreciate transparency. Mention how many hours a week you can dedicate and your preferred working hours, as this sets expectations from the start and shows you're organised and professional.
Tailor Your CV to Highlight Cybersecurity Experience:When crafting your CV, make sure to tailor it specifically to cybersecurity. Highlight projects, tasks, and achievements related to security assessments, vulnerabilities you've mitigated, or compliance work you've undertaken. Keywords relevant to the job can grab attention and increase your chances of landing a spot at PCR Digital.
How to prepare for a job interview at PCR Digital
✨Showcase Your Cybersecurity Skills
As a freelancer in cybersecurity, it’s crucial we demonstrate not just our knowledge but our practical skills too. Be ready to discuss specific tools you’ve used, like Wireshark or Metasploit, and share relevant experiences where you identified vulnerabilities or mitigated risks in past projects.
✨Prepare Your Portfolio
Unlike traditional roles, freelancing relies heavily on your portfolio. Let’s curate a selection of past work that showcases our best projects. If we’ve handled penetration tests, audits, or incident responses, be sure to highlight these in your portfolio, and share any client testimonials if we have them.
✨Stay Updated on Trends and Tools
Cybersecurity is an ever-evolving field, so we should be prepared to chat about recent developments and how they impact our work. Familiarise ourselves with the latest threats, tools, and frameworks, like MITRE ATT&CK, that are pertinent to the projects we’re pitching.
✨Pitching Your Value as a Freelancer
When freelancing, we often need to negotiate our rates and value propositions. Be ready to explain how our skills can help PCR Digital protect their assets and manage risks. It can help to outline some potential strategies or improvements we could implement for them based on their current setup.