Vulnerability Management Engineer

Other

Job Reference

2200017J

Function

Other

Category

Business Professionals

Location

Leeds, United Kingdom

Schedule

Full-time

The role

THE OPPORTUNITY

The Information Security & Resilience team are responsible for security activities across the DLA Piper International firm. 

This role is an exciting opportunity to join our Cyber Security team in a pivotal role within Security Operations. Reporting to the Security Operations Manager, the right person will lead in the day-to-day vulnerability programme as well as shape and develop our capabilities. This is a hands-on role and you’ll be expected to make improvements, enhance and refine our processes and procedures, and employ automation to assist in the prioritisation and swift resolution of issues. 

MAIN DUTIES AND RESPONSIBILITIES

The Firm has an in-house security operations team, that manages incident response and general security operations activities covering Asia Pacific, Middle East and Europe. This is supported by a disperse IT function and Global Service Centre based in Europe.

The Vulnerability Management Engineer will be responsible for:

  • Providing subject matter expertise on scanning, reporting, tracking and aiding in patching of raised vulnerabilities
  • Liaising with the operational IT teams on patch management and improvements
  • Reporting on key operational metrics from the team
  • Ensure operational processes are documented and kept up to date using feedback from peers and lessons learned
  • Ensure vulnerability management capabilities are mature and tested on a regular basis
  • Supporting the firms assurance activities and security certifications
  • Taking part in the on-call rota to ensure 24x7 operational capabilities
  • Acting as a stand in for the Security Operations Manager as needed

ABOUT YOU

  • Several years' experience of vulnerability management
  • Experience of wider operational security in international organisations
  • Demonstrable understanding of information security controls and technology
  • Team leadership/management
  • Excellent knowledge of technical vulnerability procedures and technologies, including Cloud Security Posture Management, DevOps (SAST/DAST) and traditional infrastructure
  • Knowledge of Orchestration and Automation platforms

The role works closely with the IT Operational teams so must have a good technical knowledge

The ideal candidate will hold the usual vulnerability management certifications (GIAC, SEC460, etc) or demonstrate knowledge and understanding of the principles within these certifications. The candidate should also be a technically astute security all-rounder.  It’s essential that the candidate can develop a holistic view of the firm’s estate and be able to respond to vulnerability queries and incidents in an environment that is fast paced and sometimes demanding.

The following characteristics are essential:

  • Service minded
  • Ability to deliver in a global organisation with different cultural and geographical challenges
  • Must have a pro-active approach
  • Must have a methodical troubleshooting method
  • Initiative and ability to work under time constraints
  • The ability to cope with multiple tasks/projects
  • Excellent communication and collaboration skills
  • Organised and self-motivated
  • Genuine passion for Information Security
  • Desire to develop (themselves, their colleagues and their capabilities)

ABOUT US

DLA Piper is a global law firm with lawyers located in more than 40 countries throughout the Americas, Europe, the Middle East, Africa and Asia Pacific. Our global reach ensures that we can help businesses with their legal needs anywhere in the world. We strive to be the leading global business law firm by delivering quality, service excellence and value to our clients and offering practical and innovative legal solutions to help them succeed. Our clients range from multinational, Global 1000, and Fortune 500 enterprises to emerging companies developing industry-leading technologies, as well as government and public sector bodies.

OUR VALUES

In everything we do connected with our People, our Clients and our Communities, we live by these values:

  • Be Supportive - we are compassionate and inclusive, valuing diversity and act thoughtfully
  • Be Collaborative - we are proactive, passionate team players, investing in our relationships
  • Be Bold - we are fearless and inquisitive, challenging ourselves to think big and find creative new solutions
  • Be Exceptional - we are strategic and driven, exceeding standards and expectations

DIVERSITY AND INCLUSION

At DLA Piper, diversity and inclusion underpins how we live our values and everything we do.  We believe that everyone has a voice, and that everyone’s voice counts. We know that the rich diversity across our firm makes us stronger, more innovative and creative, which helps us to better serve our clients and communities. We are committed to providing an inclusive working environment and culture across our global firm, where everyone can bring their authentic self to work. 

Diversity of perspective, thought, background and culture combine to make us the leading global law firm; that’s why we actively seek to build balanced teams. We welcome the unique contribution that you will bring to our firm and actively encourage applications from all talented people – however your talent is packaged, whatever your background or circumstance and regardless of how you identify.

We support anyone with a disability or long term health condition to ensure they have the opportunity to perform at their best. If you have not done so already, please let us know if you require any support so we can make the right adjustments and considerations should they be required.

AGILE WORKING

We know that people have responsibilities and interests outside of their career and that as a business, we all benefit from working flexibly. That's why we are open to discussing with candidates the different ways in which we are able to support requests for agile working arrangements.

PRE-ENGAGEMENT SCREENING

In the event that we make an offer to you, and where local legislation permits, we will conduct pre-engagement screening checks that may include but are not limited to your professional and academic qualifications, your eligibility to work in the relevant jurisdiction, any criminal records, your financial stability and references from previous employers.