Vulnerability Manager

15 Days Old

Key Responsibilities

  • Vulnerability Management: Lead the full lifecycle of vulnerability management—from discovery and assessment to prioritisation and remediation tracking
  • Administer and optimise scanning tools (e.g., Tenable, Nessus)
  • Conduct regular scans of networks, systems, and applications to identify vulnerabilities
  • Classify and prioritise vulnerabilities using severity ratings, business impact, and threat intelligence
  • Remediation & Coordination: Collaborate with Service Operations, Cloud, and Infrastructure teams to ensure timely remediation within agreed SLAs
  • Track remediation efforts and report progress to key stakeholders and leadership
  • Maintain processes for vulnerability exceptions and risk acceptance
  • SOC Integration & Threat Correlation: Work closely with SOC analysts and threat intelligence teams to align vulnerabilities with emerging threats and exploitation trends
  • Support incident response efforts by identifying potential weaknesses during investigations and post-incident reviews
  • Reporting & Metrics: Produce clear, actionable vulnerability reports and dashboards for both technical and non-technical audiences
  • Provide regular metrics and KPIs to measure the effectiveness of the vulnerability management program
  • Policy & Process Development: Develop and maintain vulnerability management policies, procedures, and operational standards
  • Contribute to security architecture reviews and hardening documentation

Required Qualifications

  • 3+ years of experience in cybersecurity, with at least 2 years focused on vulnerability management
  • Experience working in or alongside a Security Operations Centre (SOC)
  • Proficiency with vulnerability scanning tools and management frameworks
  • Familiarity with standards such as CVSS, NIST, and MITRE ATT&CK
  • Solid understanding of operating systems (Windows, Linux), network infrastructure, and cloud platforms (AWS, Azure, GCP)
  • Experience with SIEM, EDR, and asset inventory tools

Preferred Certifications

  • Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience)
  • Industry certifications such as CISSP, CISM, GIAC GCIH, OSCP, or equivalent
  • Vendor-specific certifications (e.g., Tenable Certified Specialist, QualysGuard Certified Specialist)

Key Skills

  • Strong organisational skills and attention to detail
  • Excellent communication abilities across technical and non-technical teams
  • Ability to work independently as well as collaboratively in a fast-paced environment
  • Strong analytical and problem-solving mindset

Working Environment

  • Primarily onsite at our Stoke-on-Trent office, with hybrid working arrangements available (to be discussed during interview)
  • Flexibility for after-hours or on-call support when required
  • Opportunities for continuous learning, certifications, and career development

LA International is an HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency, depending upon the precise nature of the work. LA International welcomes applications from all sections of the community and from people with diverse experience and backgrounds.

Award-winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queen's Award for Enterprise: International Trade, for the second consecutive period.

Location: England, United Kingdom
Salary: £80,000 - £100,000
Job Type: Full Time
Category: IT & Technology