Vulnerability Management Specialist

Anglo American ,
London, Greater London
Job Type: Full-time

Overview

Company Description The purpose of Global Information Management (IM) is to enable the delivery of business processes, communication, collaboration, and knowledge management through the deployment, support, and maintenance of enterprise technology, infrastructure, applications, and mine technical systems. More About the Business Unit The purpose of Technical & Sustainability (T&S) in Anglo American is to represent and drive the future of mining, as the technical experts and innovators of the company - and industry. The T&S function is globally located and works in partnership with Business Units and other Group functions, to safely ensure technical and operational excellence that delivers to the company’s growth and sustainability ambitions and clear societal purpose. Job Description This is a fantastic time to join us as a Vulnerability Management (VM) Specialist. In this role, you will be responsible for the management and delivery of VM projects within Anglo American. You'll also be responsible for the monitoring and analysis of vulnerabilities (both current and historical) and developing response plans that consider both the threat and current/future risk to the business. Create and maintain scanning schedules, authentication records, asset tags/group and option profiles of the in-place scanning solution. Ensure timely execution of scans Support the Incident Response process through information feeds relating to vulnerabilities Engaging with key stakeholders and service delivery teams to coordinate and solutionise fixes to identified vulnerabilities Support the planned rollout of fixes to identified vulnerabilities through the business unit and third party engagement Investigation and remediation of cloud agent and scanner issues Coordination and planning of vulnerability tool deployment Investigation of new hosts and services discovered on intranet and external Drive the exception management process through attending Change Control meetings Manage all support cases relating to vulnerability management Liaise with teams on firewall/proxy configurations, DNS and VLAN configurations Maintenance of network discovery solution Setting up and managing alerts for non-complaint devices detected on the network Coordinate remedial action against non-complaint devices Build network maps for Anglo American sites Identify trends and new vulnerabilities and link to the current posture of Anglo American Essential Knowledge and Experience Experience with software vulnerabilities, how CVEs are reported, how CVSS score is performed and how they relate to specific system packages and remediation Knowledge and understanding of the OWASP system Excellent understanding of the TCP/IP networking model Knowledge of Qualys, both scanner and cloud agent Knowledge of patching tools such as SCCM-WSUS Ability to formulate solutions by following a step-by-step practical approach, involving the use of discretion, to arrive at an appropriate option based on custom or precedent. Ability to collate and analyse metrics on the performance of the incident management process. Excellent communication skills Ability to anticipate future potential technology impacts and benefits to the business and develop a perspective on how this will impact on the operations of their function. Ability to oversee the implementation of new processes, methods, and technologies to support IM operations. This role is in the Technical and Sustainability Unit at a Band 6 level reporting to the Global IM Security Operations Manager Qualifications An undergraduate qualification (bachelor’s degree or equivalent) in the relevant IT discipline. CISSP What we offer When you join Anglo American, you can expect to enjoy a competitive salary and benefits package. But more than this, you’ll find yourself in an environment where the opportunities for learning and growth are second to none. From technical training to leadership programmes, we bring out the best in our people. There are plenty of opportunities to move onwards and upwards too. We’re a large, successful multinational company - and we’re still growing all the time. Who we are We aim to lead the industry by pursuing ever safer and more responsible ways of working, demonstrating integrity and showing care and respect for people and the planet. That means we are constantly seeking new opportunities to mine and process our products sustainably, using less water, less energy, and more precise extraction technologies. As the custodians of coal and other precious natural resources - diamonds (through De Beers), copper, platinum and other precious metals, iron ore, and nickel - our extraordinary teams work safely and collaboratively, with the utmost consideration for local communities, our customers and the world at large. How we are committed to your safety Nothing is more important to us than ensuring you return home safely after a day’s work. To make that happen, we have the most rigorous safety standards in the industry. Not only that, but we’re also continually investing in new technologies - from drones to data analytics - that are helping to make mining safer. Inclusion and Diversity Anglo American is an equal opportunity employer. We are committed to promoting an inclusive and diverse workplace where we value and respect every colleague for who they are and provide equality of opportunity so that everyone can fulfill their potential. Rewards & Benefits Competitive salary and benefits package Amazing opportunities for learning and growth - from technical training to leadership programs, we bring out the best in people We’re a large, successful multinational company and there are plenty of opportunities to move onward and upwards too. Free breakfast & lunch, coffee & office snacks Generous pension plans Subsidised gym memberships How to apply To apply for this role, please complete our online application form. You will have the opportunity to upload your CV and other relevant documentation as part of the process