Senior Vulnerability Engineer

The Senior Network Vulnerability Management Analyst will operate as a subject matter expert within a regulated financial services environment, owning the end to end lifecycle of network infrastructure vulnerabilities. This role focuses on Tenable driven discovery, risk based prioritisation, remediation coordination, ServiceNow Vulnerability Response workflow management, and automation to uplift the maturity and efficiency of the vulnerability management programme.

Responsibilities

• Act as the primary analyst for vulnerabilities identified through Tenable authenticated scans across routers, switches, firewalls, load balancers, wireless infrastructure, and other network devices.
• Validate vulnerability findings, remove false positives, and deduplicate results across scan cycles, asset groups, and overlapping detections.
• Perform risk based prioritisation using CVSS, EPSS, exploit intelligence, asset criticality, exposure, compensating controls, and regulatory considerations aligned to bank risk appetite.
• Maintain clear and defensible documentation for prioritisation decisions, exceptions, and risk acceptances.
• Coordinate remediation activities with network engineering, infrastructure, and platform teams to ensure vulnerabilities are resolved within agreed service level agreements.
• Translate technical findings into actionable remediation guidance including patching, configuration changes, upgrades, or mitigations appropriate to each platform.
• Lead remediation working sessions, track ageing vulnerabilities, escalate blockers through governance forums, and validate fixes through targeted rescans.
• Manage the vulnerability lifecycle within ServiceNow Vulnerability Response, ensuring accurate CMDB linkage, correct assignment routing, SLA tracking, and reporting.
• Tune Tenable and ServiceNow integrations including ingestion rules, asset matching, deduplication logic, severity overrides, exceptions, and reporting outputs.
• Build and maintain dashboards and key performance indicators for operational, management, and regulatory reporting.
• Identify and deliver automation across ingestion, enrichment, prioritisation, ticketing, notifications, evidence capture, rescanning, and reporting using ServiceNow Flow Designer, Integration Hub, Tenable APIs, scripting, and where appropriate SOAR platforms.
• Contribute to the strategic roadmap of the vulnerability management programme including process design, RACI definition, metrics, and integration with asset management, patch management, threat intelligence, and governance risk and compliance functions.

Qualifications

Required Experience

• Six or more years of vulnerability management experience with deep hands on expertise in Tenable Security Center, Tenable Vulnerability Management, Nessus, and authenticated scanning of network devices.
• Strong practical experience with ServiceNow Vulnerability Response including CMDB integration, assignment rules, exception workflows, and reporting.
• Solid knowledge of enterprise network platforms such as Cisco IOS, IOS XE, NX OS, Juniper, Palo Alto, Fortinet, F5, and Arista, and the vulnerability classes that commonly affect them.
• Demonstrated delivery of vulnerability management automation in production environments with clear measurable outcomes.
• Proficiency in at least one scripting language, preferably Python, and confidence working with REST APIs.
• Experience operating within regulated financial services environments with familiarity of frameworks such as FED, NIST Cybersecurity Framework, DORA, ISO 27001, and CIS Benchmarks.
• Strong stakeholder management skills with the ability to engage both technical engineering teams and senior security or risk stakeholders.

Preferred Experience

• Professional German language capability at B2 level or above.
• Experience with SOAR platforms such as Splunk SOAR, Cortex XSOAR, or ServiceNow SecOps.
• Exposure to additional vulnerability scanners such as Qualys or Rapid7 and threat intelligence or EPSS enrichment pipelines.
• Industry certifications including CISSP, OSCP, GIAC certifications, Tenable certifications, or ServiceNow CIS Vulnerability Response.
• Prior experience working within a Tier one bank or systemically important financial institution.

Tools and Technologies

• Tenable Security Center, Tenable Vulnerability Management, Nessus, ServiceNow Vulnerability Response, CMDB, ServiceNow Flow Designer, Integration Hub, Python, REST APIs, network infrastructure platforms, SOAR tooling.

Candidates will be required to go through background checks before commencing contract. Must be an EU Citizen. Some occasional travel may be required. Only successful candidates will be contacted.

EQUAL OPPORTUNITIES

World Wide Technology is committed to equal opportunities and actively seeks applications from all sectors of the community irrespective of sex, race, colour, nationality, ethnic or national origin, disability, marital status, sexual orientation, having responsibility for dependents, age, religion/beliefs, or any other reason which cannot be shown to be justified.