Cyber - Vulnerability Management Specialist
Location: Cirencester
Job Description
This job is with St. James's Place, an inclusive employer and a member of myGwork – the largest global platform for the LGBTQ+ business community. Please do not contact the recruiter directly.
The role:
The Vulnerability Management Specialist plays a pivotal role in strengthening our organisation's security posture by proactively identifying, assessing, and mitigating security risks across both internally and externally developed applications. This role is responsible for managing and enhancing vulnerability detection processes, ensuring that security weaknesses are identified and addressed before they can be exploited. By continuously monitoring and evaluating security vulnerabilities, the role contributes to the overall resilience of our infrastructure and helps maintain compliance with industry regulations and best practices.
In addition to identifying vulnerabilities, this role supports the wider security team in improving security processes and ensuring risks are effectively managed. The Vulnerability Management Specialist will work closely with other teams to help implement security best practices and support remediation efforts. This position requires strong analytical skills, attention to detail, and a proactive approach to maintaining the security of our systems.
What you'll be doing:
- Vulnerability Assessment & Management - Conducting regular security assessments, scans, and penetration tests to identify weaknesses across applications, systems, and networks, ensuring timely remediation of vulnerabilities.
- Security Risk Analysis - Analysing system architectures and software development lifecycles to detect potential security gaps, assess risk levels, and recommend necessary security enhancements.
- Remediation Coordination - Working collaboratively with IT, development, and security teams to prioritise, track, and ensure the resolution of vulnerabilities while balancing operational needs.
- Security Strategy & Best Practices - Contributing to the development of security policies, frameworks, and automated testing methodologies to improve the organisation's overall security resilience.
- Reporting & Compliance - Producing detailed reports on vulnerability findings, remediation progress, and security risk trends to ensure compliance with regulatory requirements and internal security standards.
You will be an effective communicator who enjoys collaborating across multiple teams, is able to articulate complex cyber concepts in simple language, and has a proactive approach to promoting cyber security awareness across the business.
Essential Criteria:
- Awareness of cyber security in applications
- Demonstrate a genuine interest or passion for cyber security!
- Demonstrable experience of creating data reports and presentations
- Able to demonstrate adaptability to a changing environment
- Previous exposure in a cyber security environment
- A cyber certification