A leading investment firm is seeking an Information Security professional with extensive experience in Vulnerability Management and Incident Response. The role involves leading the identification and remediation of security vulnerabilities, optimizing scanning tools, and contributing to incident response initiatives. Ideal candidates will have strong collaboration skills and knowledge of security frameworks. The firm offers a hybrid working model and excellent health benefits.
Lead the identification, assessment, and remediation of vulnerabilities across applications, infrastructure, and cloud environments, collaborating with development and operations teams for effective solutions.
Optimise vulnerability scanning profiles, dashboards, and reports to ensure comprehensive coverage and actionable insights, while analysing data to prioritise risks and provide clear remediation guidance.
Contribute to the continuous improvement of vulnerability management processes, policies, and procedures, including supporting incident response activities and aligning with industry best practices.
Identify potential security risks and document clear, actionable remediation options or mitigating controls aligned with industry best practices.
Contribute to other cybersecurity initiatives, utilizing our standards and procedures while adhering to industry best practices.
Perform risk assessments and execute system tests to ensure proper functioning of data processing activities and security measures.
Ensure that security controls in both new and existing computer systems comply with established security policies and guidelines.
Assist in incorporating regulatory compliance requirements, such as SOX and GLBA, into the organization's security roadmap.
Conduct thorough security incident investigations, including maintaining chain of custody, implementing containment measures, performing root cause analysis, and identifying preventive strategies.
Support incident response with vulnerability intelligence during security events.
Participate in the Information Security on-call rotation.
Hybrid working and reasonable accommodations
Generous Holiday policies
Excellent Health and Wellbeing benefits including corporate membership to ClassPass
Paid volunteer time to step away from your desk and into the community
Support to grow through professional development courses, tuition/qualification reimbursement and more
All-inclusive approach to Diversity, Equity and Inclusion
Maternal/paternal leave benefits and family services
Complimentary subscription to Headspace – the mindfulness app
All employee events including networking opportunities and social activities
Lunch allowance for use within our subsidized onsite canteen
3+ years in an Information Security role with proven experience in Vulnerability Management
Proven hands-on experience with vulnerability management platforms and in a vulnerability management role
Experience in information security incident response
Knowledge of vulnerability management (remediation and configuration) and other security scanner tools.
Strong understanding of vulnerability assessment methodologies and risk scoring
Strong collaboration skills working with application and infrastructure teams within a security context
In-depth working knowledge of security best practices and frameworks (e.g., MITRE ATT&CK, OWASP Top 10, NIST)
Excellent verbal and written communication skills
Ability to manage multiple projects and tasks.
Analytical ability to capture and summarise information, find solutions to various tactical and strategic problems and prioritise work
Exposure to public cloud infrastructure (SaaS, IaaS, and PaaS)
Familiarity with patch management processes and tools
5+ years of experience within Incident Response and Vulnerability Management
Knowledge of Tenable.sc and/or Tenable.io
Knowledge of cloud security vulnerabilities and associated scanning techniques
Experience with scripting or automation to enhance vulnerability management processes (e.g. Python) and to drive efficiency and innovation
Relevant Information Security certifications (e.g. CompTIA Security+, CySA+, CEH, SANS, Cloud Certifications)
No
Potential for growth
Mentoring
Leadership development programs
Regular training
Career development services
Continuing education courses
You will be expected to understand the regulatory obligations of the firm, and abide by the regulated entity requirements and JHI policies applicable for your role.
At Janus Henderson Investors we’re committed to an inclusive and supportive environment. We believe diversity improves results and we welcome applications from all backgrounds. Don’t worry if you don’t think you tick every box; we still want to hear from you! We understand everyone has different commitments, and while we can’t accommodate every flexible working request, we’re happy to be asked about work flexibility and our hybrid working environment. If you need any reasonable accommodations during our recruitment process, please get in touch and let us know at recruiter@janushenderson.com.
Janus Henderson (including its subsidiaries) will not maintain existing or sponsor new industry registrations or licenses where not supported by an employee’s job functions (as determined by Janus Henderson at its sole discretion).
All applicants must be willing to comply with the provisions of Janus Henderson Investment Advisory Code of Ethics related to personal securities activities and other disclosure and certification requirements, including past political contributions and political activities. Applicants’ past political contributions or activity may impact applicants’ eligibility for this position. Janus Henderson is an equal opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status. All applications are subject to background checks.