
Key Responsibilities
Vulnerability Management
Lead the full lifecycle of vulnerability management, from discovery and assessment to prioritisation and remediation tracking
Administer and optimise scanning tools (e.g., Tenable, Nessus)
Conduct regular scans of networks, systems, and applications to identify vulnerabilities
Classify and prioritise vulnerabilities using severity ratings, business impact, and threat intelligence
Remediation & Coordination
Collaborate with Service Operations, Cloud, and Infrastructure teams to ensure timely remediation within agreed SLAs
Track remediation efforts and report progress to key stakeholders and leadership
Maintain processes for vulnerability exceptions and risk acceptance
SOC Integration & Threat Correlation
Work closely with SOC analysts and threat intelligence teams to align vulnerabilities with emerging threats and exploitation trends
Support incident response efforts by identifying potential weaknesses during investigations and post-incident reviews
Reporting & Metrics
Produce clear, actionable vulnerability reports and dashboards for both technical and non-technical audiences
Provide regular metrics and KPIs to measure the effectiveness of the vulnerability management program
Policy & Process Development
Develop and maintain vulnerability management policies, procedures, and operational standards
Contribute to security architecture reviews and hardening documentation
Required Qualifications
3+ years of experience in cybersecurity, with at least 2 years focused on vulnerability management
Experience working in or alongside a Security Operations Centre (SOC)
Proficiency with vulnerability scanning tools and management frameworks
Familiarity with standards such as CVSS, NIST, and MITRE ATT&CK
Solid understanding of operating systems (Windows, Linux), network infrastructure, and cloud platforms (AWS, Azure, GCP)
Experience with SIEM, EDR, and asset inventory tools
Preferred Certifications
Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience)
Industry certifications such as CISSP, CISM, GIAC GCIH, OSCP, or equivalent
Vendor-specific certifications (e.g., Tenable Certified Specialist, QualysGuard Certified Specialist)
Key Skills
Strong organisational skills and attention to detail
Excellent communication abilities across technical and non-technical teams
Ability to work independently as well as collaboratively in a fast-paced environment
Strong analytical and problem-solving mindset
Working Environment
Primarily onsite at our Stoke-on-Trent office, with hybrid working arrangements available (to be discussed during interview)
Flexibility for after-hours or on-call support when required
Opportunities for continuous learning, certifications, and career development
LA International is an HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work. For security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds.
Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queen's Award for Enterprise: International Trade, for the second consecutive period.