Aegon
,
Edinburgh, City of Edinburgh
Security Vulnerabilities Manager
Overview
Job Description
Summary The purpose of this role is to manage the delivery of the overall AUK Vulnerabilities remediation including but not limited to decision making, prioritisation, influencing and provision of technology change support across all aspects of internal and customer facing tools.Job Description Key Tasks: * Responsible for support of technology vulnerabilities remediation in a BAU environment with support from Security, 3rd party and technology teams. * Responsible for the management of continual service improvement activity in the security vulnerabilities environment. * Responsible for the management and attestation of regular controls * Responsible for regular control reviews, including retrospective control evaluations, for appropriateness * Responsible for working closely with Service Transition and Environment Operations to ensure visibility of future requirements, ensure appropriateness of delivery and resource availability * Work closely with Service Management to ensure critical incidents are visible and investigated accordingly * Work closely with our Technical Architects and infrastructure partners to evaluate capacity utilisation and appropriateness of current and future infrastructure provision * Work closely with our communications and infrastructure partners to evaluate estate security, patching and vulnerability management * Work closely with Internal Risk functions to ensure appropriate controls are in place to safeguard the department * Create and review monthly and ad-hoc Service reports containing SLA, KPI and KRI data * Regular senior engagement with Suppliers to investigate and resolve critical deployment issues * Regular engagement with Suppliers and internal development teams to ensure appropriateness and standardisation in deliveries. Skills: * Exceptional communication skills and the ability to liaise with technical and non-technical groups * Strong management and leadership background to deliver Operational goals * Strong Service Management and Project Management background - particularly relating to Service Operation and Transition, but with in-depth knowledge and experience of Change, Release, Incident and Problem Management. * Self-motivated achiever who gains satisfaction from providing excellent service to their customers. * Ability to highlight areas for improvements and desire to manage change through to completion * Ability to influence key stakeholders to ensure appropriate outcomes * Strong analysis capability and ability to implement clear process definition, introduction and improvement. Excellent verbal and written communication skills are required along with the ability to discuss technical information to non-technical staff * Availability to participate in provide an out of hours service to the Business, third parties and overnight support teams Knowledge: * Have an strong understanding of Technology security vulnerability management and remediation, both core infrastructure vendor patching and configuration issues. * A strong understanding of IT security trends across technologies such as Cloud * A strong understanding of Change delivery methodologies, waterfall, Agile and DevOps * A strong understanding of both the business and technology processes that support technology Platforms * A good understanding of ITIL processes and how they are applied within an IT Service management department * Understanding of change and risk management within a complex operational and change environment Experience: * Proven track record in leading IT security remediation deliveries on an ongoing basis * Experience in business and technology change programmes for customer centric security provisions * Experience in supporting Senior Management decision making on adoption of security policies and tooling * Experience in coordinating security discussions across multiple suppliers and business areas. * Experience of working in complex, large scale, Technology environments ideally within Financial Services * Experience of operating in a fast-paced business environment with an emphasis on positive change and adaptive working practices. Flexible in approach to all aspects of the role, with self-planning and organizing skills to enable effective multitasking in a high pressure and high availability environment. * Experience of engaging and building successful relationships with a broad range of stakeholders. You should have a proactive attitude and the initiative to anticipate customer needs. * Software Development Life Cycle and Change Management Technical skills * Understanding of Security technology across traditional, new and emerging technologies. * Understanding of Network security and remediations * Understanding of complex architecture across multiple environment stacks and technologies * Experience with supporting Windows and Linux operating systems * Experience with supporting ORACLE, DB2 and SQL DataBases (Desirable) * Experience with supporting Java applications (Desirable) * Exp