​Vulnerability Analyst - MUST have SC Clearance

• Inside IR35 via umbrella

• 6 months initial contract

• Must have UK security clearance

• Remote based with adhoc travel

​

The Cyber Services team support business units by providing cyber services and platforms to enable businesses to focus on their core missions. The Cyber Services team enables the our clients business units through the available, efficient, and effective provision of services, including architecture, monitoring & response, and security technologies.

• As a Vulnerability Analystyou will report to the Vulnerability & Threat SME and forms the operational core of the Vulnerability Management team.

• You will be stepping in as a crucial "doer" during a period of team stabilisation and capability improvement. Working closely with subject matter experts and wider business units, you will be responsible for the hands-on execution of our vulnerability management processes. We are looking for an independent, automation-focused analyst who can efficiently extract data, collaborate on reporting, and translate complex vulnerability assessments into clear, actionable guidance for our IT resolver groups.

​

Vulnerability Analyst -What’s my role?

• Scan & Data Execution: Operate enterprise vulnerability scanning tools (specifically Tenable), ensuring comprehensive coverage, running scheduled and ad-hoc scans, and accurately pulling down vulnerability data.

• Data Refinement & Reporting: Work closely with data and Power BI specialists to feed clean, accurate vulnerability data into dashboards, enabling clear visibility of our risk posture across the organisation.

• Actionable Guidance: Analyse raw vulnerability assessments and translate them into practical, step-by-step remediation guidance for IT operations and resolver groups.

• Process Automation: Act as an "automation-heavy" presence within the team, identifying repetitive manual tasks in the vulnerability lifecycle and scripting or automating them to

• improve overall team efficiency.

• Day-to-Day Operations: Maintain the operational rhythm of the vulnerability team, ensuring SLAs are met, tickets are routed correctly, and false positives are investigated and resolved independently.

​

What do I need to be great at this role?

• Hands-on Tooling Experience: Strong, practical experience operating enterprise vulnerability scanning platforms, with a specific focus on Tenable (Nessus/Tenable.io/Tenable.sc).

• Automation & Scripting Skills: A strong capability and mindset for automation. Experience with scripting languages (e.g., Python, PowerShell) and API integrations to streamline data extraction and reporting.

• Data Fluency: Comfort working with large datasets, with the ability to manipulate data (e.g., advanced Excel) and collaborate effectively with Power BI/dashboarding teams.

• Technical Translation: The ability to look beyond the CVSS score, understand the actual technical risk, and articulate clear, actionable patching or mitigation instructions to non-security IT teams.