Costa Coffee Recruitment – Vulnerability Manager

Job Description:

The role reports to the Global Security Operations Manager and is responsible for driving a successful enterprise vulnerability management programme.

Job Responsibilities:

  • Challenging vendors on poor performance and continual service improvements
  • In conjunction with our security architects, has product ownership for Costa’s vulnerability management tooling
  • Responsible for assurance of all BAU vulnerability management processes managed by Costa Security Operations or by our nominated MSSPs
  • Management of Costa’s global vulnerability posture, from identification through to remediation.
  • Improving Costa’s global security posture through driving successful remediation efforts with internal and external teams responsible for infrastructure and applications.
  • As a subject matter expert, proactively identify and drive technical, process or organisational improvements to Costa’s global vulnerability management capability
  • Producing monthly metrics and KPIs evidencing analysis of vulnerability risk and remediation progress
  • Provide leadership and direction to the global Costa community on all aspects of vulnerability management across user endpoints, servers, networks and applications
  • Chairing Global Patching and Vulnerability Management forums
  • Scopes, prioritises and leads service improvement initiatives for vulnerability management platforms and management processes

Job Requirements:

  • Experience of working with and building effective cross functional relationships with diverse teams
  • Strong knowledge of networking fundamentals and policy driven controls
  • Good systems administration knowledge of Windows, Linux and networking platforms
  • Extensive experience supporting or leading enterprise vulnerability management programmes
  • Extensive experience of using the Qualys toolset at an enterprise level
  • Working knowledge of Open-Source Intelligence capabilities
  • Working knowledge of public/private cloud technologies and providers
  • Relevant experience of working in a complex, geographically distributed environment
  • Working knowledge of compliance requirements for GDPR, PCI DSS and the UK Data Protection Act
  • Good understanding of Web Application Security frameworks, common vulnerabilities and associated remediations.
  • Extensive experience of patch management processes
  • Depth of knowledge in recognised international security standards
  • Professional certification such as CISSP, CCSP or other information security credentials
  • Ability to use scripting languages (Perl, Python, PowerShell etc)

Job Details:

Company: Costa

Vacancy Type: Full Time

Job Location: Dunstable, England, UK

Application Deadline: N/A
