Senior Threat and Vulnerability Analyst

About the Role:

We are seeking a highly motivated and experienced Threat and Vulnerability Management Senior Analyst to join our Security team and play a crucial role in safeguarding Pearson. As a senior member of the team, you will be a key player in supporting the development, implementation, and management of our vulnerability management program, ensuring the timely identification, prioritization, and remediation of security vulnerabilities across our assets. You will be a strategic thinker with a deep understanding of cyber threats and mitigation strategies and possess strong leadership and communication skills to effectively collaborate with various teams across the organization.

Responsibilities:

• Support the development and implementation of a comprehensive vulnerability management program aligned with best practices and industry standards.
• Responsible to gather, analyse, and disseminate intelligence on cyber threats.
• Help define and maintain vulnerability scanning procedures and processes, including the selection and configuration of vulnerability scanning tools.
• Analyze and prioritize vulnerabilities based on severity, exploitability, and business impact.
• Help develop and implement remediation plans in collaboration with IT operations and application owners, ensuring timely and effective patching and mitigation.
• Track and report on vulnerability management metrics, including scan coverage, MTTR (mean time to remediation), and compliance with internal policies and industry regulations.
• Communicate effectively with stakeholders at all levels, providing updates on vulnerabilities, risks, and remediation progress.
• Help conduct regular reviews and assessments of the program, identifying areas for improvement and recommending changes.
• Stay up to date on the latest cyber threats and vulnerabilities, and ensure the program reflects evolving threat landscapes.
• You will work collaboratively with cross-functional teams, utilize advanced tools, and leverage your expertise to investigate, contain, eradicate, and recover from major security incidents.

Qualifications:

• Strong experience in vulnerability management.
• Ability to support the management of projects
• Strong understanding of cyber threats, vulnerability assessment methodologies, and risk assessment frameworks.
• Experience with vulnerability scanning tools and security technologies.
• Excellent analytical and problem-solving skills.
• Strong communication, collaboration, and interpersonal skills.
• Ability to work independently and as part of a team.
• Cybersecurity certifications (e.g., CISSP, CISA) a plus.