Senior Threat and Vulnerability Analyst

We are seeking a highly motivated and experienced Threat and Vulnerability Management Senior Analyst to join our Security team and play a crucial role in safeguarding Pearson. As a senior member of the team, you will be a key player in supporting the development, implementation, and management of our vulnerability management program, ensuring the timely identification, prioritization, and remediation of security vulnerabilities across our assets. You will be a strategic thinker with a deep understanding of cyber threats and mitigation strategies and possess strong leadership and communication skills to effectively collaborate with various teams across the organization.

• Support the development and implementation of a comprehensive vulnerability management program aligned with best practices and industry standards.


• Responsible to gather, analyse, and disseminate intelligence on cyber threats.


• Help define and maintain vulnerability scanning procedures and processes, including the selection and configuration of vulnerability scanning tools.


• Analyze and prioritize vulnerabilities based on severity, exploitability, and business impact.


• Help develop and implement remediation plans in collaboration with IT operations and application owners, ensuring timely and effective patching and mitigation.


• Track and report on vulnerability management metrics, including scan coverage, MTTR (mean time to remediation), and compliance with internal policies and industry regulations.


• Communicate effectively with stakeholders at all levels, providing updates on vulnerabilities, risks, and remediation progress.


• Help conduct regular reviews and assessments of the program, identifying areas for improvement and recommending changes.


• Stay up to date on the latest cyber threats and vulnerabilities, and ensure the program reflects evolving threat landscapes.


• You will work collaboratively with cross-functional teams, utilize advanced tools, and leverage your expertise to investigate, contain, eradicate, and recover from major security incidents.

• Strong experience in vulnerability management.


• Ability to support the management of projects


• Strong understanding of cyber threats, vulnerability assessment methodologies, and risk assessment frameworks.


• Experience with vulnerability scanning tools and security technologies.


• Excellent analytical and problem-solving skills.


• Strong communication, collaboration, and interpersonal skills.


• Ability to work independently and as part of a team.


• Cybersecurity certifications (e.g., CISSP, CISA) a plus.