Threat and Vulnerability Analyst Glasgow, Scotland
University of Glasgow
Full Time
Glasgow, Scotland
39347 - 44263 GBP ANNUAL Today
Job description
Job Purpose
The Threat and Vulnerability Analyst is responsible for supporting and delivering the operation of the vulnerability management function. The role will utilise vulnerability management tools and techniques to co-ordinate, categorise and prepare vulnerability remediation plans and present metrics / KPIs to senior stakeholders. The role will also analyse threat data from multiple sources to enrich vulnerability information and highlight emerging threat patterns.
This role will support the development of technologies, policies and procedures to build a high performing vulnerability management function.
Main Duties and Responsibilities
1. Monitor threats intelligence feeds from multiple sources identifying emerging trends or patterns and proactively recommend mitigations.
2. Manage vulnerability scanning (scheduling, configuration) and ensuring all assets are compliant with vulnerability policy.
3. Develop and continually improve vulnerability policy and strategy and innovate new approaches to embed these institutionally.
4. Operate technical security infrastructure (Vulnerability Management, End-point Recovery) and ensure control effectiveness.
5. Collaborate with technology and business colleagues to embed vulnerability technologies throughout the organisation.
6. In-conjunction with institutional peers, act as a subject matter expert to deliver threat reporting and agree technical remediation plans.
7. Work closely in collaboration with IT & peers / stakeholders to plan and deliver vulnerability remediation based on risk assessment and business risk profile.
8. Create and deliver usable metrics which visualise the overall vulnerability and risk trend as well as overall vulnerability management progress.
9. Troubleshoot and undertaken detailed analysis complex technical problems, including issues with the design and operation of technical controls.
10. Keep up to date with developments in vulnerability research and technical areas. Utilise specialist knowledge to contribute to overall vulnerability strategy.
Knowledge, Qualifications, Skills & Experience
Knowledge/Qualifications
Essential:
A1 Ability to demonstrate the competencies required to undertake the duties associated with this level of post having acquired the necessary knowledge and skills in a similar or number of different roles OR Scottish Credit and Qualification Framework level 9, (ordinary/honours degree, Scottish Vocational Qualification level 4), or equivalent (including professional accreditation with relevant formal training), and experience of personal development in a similar or related role(s).
A2 Thorough understanding of security vulnerability tools, processes, and techniques.
A3 Specialist knowledge and understanding of best practice techniques for broader information technology systems and infrastructure.
Desirable:
B1 Accreditation in Cyber Security (CISSP, CISM) or related disciples.
B2 Knowledge of support ticket lifecycle and handling.
Skills
Essentials:
C1 Proven ability to devise, develop and innovate new working procedures embedding them into standard operations.
C2 Well developed ability to assess priorities and manage own workload effectively and convert strategic objectives into operational plans.
C3 Strong Interpersonal skills: with ability to communicate and liaise effectively with other technical specialists, business stakeholders and senior stakeholders.
C4 Ability to produce clear and concise assessments of technology matters, explaining technical subject matter to a non-technical audience.
C5 Advanced analytical and problem-solving capabilities.
C6 Demonstrable planning skills with the ability to plan own workload independently in a time-pressured environment.
Desirable:
D1 Ability to work with suppliers and collaborate effectively.
Experience
Essential:
E1 Ability to demonstrate the competencies required to undertake the duties associated with this level of post having acquired the necessary professional knowledge and management skills in a similar or number of different specialist roles.
E2 Significant proven experience working in fast paced diverse technology environment.
E3 Extensive and relevant experience of pragmatically applying technology solutions to real world challenges.
E4 Experience in managing competing priorities in a time-pressured environment.
E5 Experience of providing specialist advice and information to a wide range of audiences with differing levels of knowledge.
E6 Demonstrable experience of developing and implementing operational delivery plan for vulnerability management.
E7 Experience creating vulnerability remediation plans producing meaningful and insightful reports.
Desirable:
F1 Experience of working in the HE Sector.
F2 Experience of working with IT teams.
Terms and Conditions
Salary will be Grade 7, £39,347 - £44,263 per annum.
This post is full time (35 hours per week) and open ended.
As part of Team UofG you will be a member of a world changing, inclusive community, which values ambition, excellence, integrity and curiosity.
As a valued member of our team, you can expect:
1 A warm welcoming and engaging organisational culture, where your talents are developed and nurtured, and success is celebrated and shared.
2 An excellent employment package with generous terms and conditions including 41 days of leave for full time staff, pension - pensions handbook https://www.gla.ac.uk/myglasgow/payandpensions/pensions/, benefits and discount packages.
3 A flexible approach to working.
4 A commitment to support your health and wellbeing, including a free 6-month UofG Sport membership for all new staff joining the University https://www.gla.ac.uk/myglasgow/staff/healthwellbeing/.
We believe that we can only reach our full potential through the talents of all. Equality, diversity and inclusion are at the heart of our values. Applications are particularly welcome from across our communities and in particular people from the Black, Asian and Minority Ethnic (BAME) community, and other protected characteristics who are under-represented within the University. Read more on how the University promotes and embeds all aspects of equality and diversity within our community https://www.gla.ac.uk/myglasgow/humanresources/equalitydiversity/.
We endorse the principles of Athena Swan https://www.gla.ac.uk/myglasgow/humanresources/equalitydiversity/athenaswan/ and hold bronze, silver and gold awards across the University.
We are investing in our organisation, and we will invest in you too. Please visit our website https://www.gla.ac.uk/explore/jobs/ for more information.
