Head Of Vulnerability Management | S3 | COO/CSIO

Country: United Kingdom

Interested in part-time, job-share or flexible working? We want to talk to you!

Join our community.

The Cyber Emergency Response Team (CERT) is responsible for addressing proactively all cyber security threats faced by Santander UK. This includes vulnerability management.

The vulnerability management team within CERT owns the vulnerability management life cycle, including vulnerability scanning, penetration testing scoping, bug bounty, analysis of vulnerability exposure, vulnerability fix certification, remediation prioritisation and vulnerability coordination activities across all aspects of internally and externally hosted technologies.

As the Head of Vulnerability Management, you’ll be tasked with overseeing and delegating these actions to the vulnerability management team.

You’ll work closely with other Cyber subject matter experts, IT functions leaders, Business and 3rd parties to ensure accurate detection, prioritisation and resolution of vulnerabilities.

The difference you’ll make:

• Leading and coaching a team of Subject Matter Experts specialised in vulnerability management

• Managing and coordinating end-to-end vulnerability management & security testing of managing vulnerabilities on prem and in public cloud by collaboratively working with colleagues from CISO Team, CIO and 3rd parties

• Managing relationships with 3rd party penetration testing and bug bounty providers and hold them accountable to quality and SLA standards

• Ensuring accurate and timely release of vulnerability and hardening metrics/reports

• Supporting and enhancing UK vulnerability scanning solution ensuring optimal asset coverage

What you’ll bring

• Proven background in vulnerability management operations, within a medium to large organisation

• Knowledge and awareness of security testing frameworks and methodologies such as OWASP, CVSS, CBEST and CREST

• Experienced in commercial vulnerability scanning tools such as Qualys, SysDig and BitSight

• Previous experience in managing direct reports

• Experience in operational infrastructure

• Knowledge of managing vulnerabilities in public cloud

It would also be nice for you to have:

• Previous business analysis experience in the cyber security field is highly desirable

• Relevant university degree or equivalent highly desirable e.g. computer science, information/cyber security, engineering etc

• Excellent stakeholder management

• The ability to influence business and technical teams towards clear resolution timeline

What else you need to know:

This role is based in Milton Keynes.

We want our people to thrive at work and home, and also be able to deliver the best outcomes for our customers and to help each other develop. To support this, we offer site-based contracts with a hybrid working pattern and our expected level of attendance in an office is at least 12 days per month (pro-rata for part-time roles).

If you apply for this role in this location, it’s important you consider your travelling distance, time and cost from your home to the office location.

We’re happy to discuss specific working patterns and arrangement within this hybrid approach during the recruitment process.

If you’re interested in this role but with part time hours or a job-share we would still love to hear from you and discuss these.

Application process

If your application is successful a member of our recruitment team will be in touch. We will arrange a short call with you to learn more about you and what you are looking for from your next career move, as well as answer any questions you have about working in the Santander tech team. If both sides agree we will send your CV to the hiring manager to review. For this position, the interview process will be :–

1st Stage – Technical Interview – this will a 30min technical interview with one of the team

2nd Stage – A one-hour formal interview where we will ask both technical and competency-based questions. This can be done virtually or face to face depending on your situation.

If there’s anything we can do in the recruitment process to help you achieve your best, please let us know.

Inclusion

At Santander we’re creating a thriving workplace where all colleagues feel they belong and are supported to succeed.  We all help to make Santander a workplace that celebrates diversity and attracts, retains and develops the most talented and committed people through living our values of Simple, Personal, and Fair.

How we’ll reward you.

As well as a competitive salary, you’ll enjoy a benefits package that you can tailor to your needs.

• Eligible for a discretionary performance-related annual bonus.

• We put 8% of salary into your pension, even if you don’t contribute yourself. We’ll pay in up to 12.5% of salary, if you contribute as well, and you can take some of our contribution in cash if you prefer.

• 30 days’ holiday plus bank holidays, which increases to 31 days after 5yrs service, with the option to purchase up to 5 contractual days per year.

• £6,000 car allowance per year.

• Company funded individual private medical insurance.

• Voluntary healthcare benefits at discounted rates such as private medical insurance for your family, dental insurance, and health assessments.

• Protection for you and your family, with company-funded death-in-service benefit and income protection insurance, and the option to take advantage of discounted rates for additional life assurance and critical illness cover.

• Share in Santander’s success by saving or investing in our share plans. 

• As a Santander UK employee, you are able to request staff versions of our products like our Edge Current Accounts and Credit Cards with no fees, as well as apply to many other deals and discounts in Santander products and services.

Learn more about our benefits and family friendly policies

What to do next:-

If this sounds like a role you’re interested in, then please apply.

If there’s anything we can do in the recruitment process to help you achieve your best, get in touch. Whether it’s a copy of our application form in another format or additional assistance, we’re available through telephone, email, or face to face. You can contact us at [email protected] or call 0870 414 9080.