ASPIRE Global Service Centre – Vulnerability & Security Compliance Lead

Company Description

Version 1 are a true global leader in business transformation. For nearly three decades, we have been strategically partnering with customers to go beyond expectations through the power of cutting-edge technology and expert teams. Our deep expertise in cloud, data and AI, application modernisation, and service delivery management has redefined businesses globally, helping shape the future for large public sector organisations and major global, private brands.

We put users and user-centric design at the heart of everything we do, enabling our customers to exceed expectations for their customers. Our approach is underpinned by the Version 1 Strength in Balance model – a balanced focus across our customers, our people and a strong organisation. This model is guided by core values that are embedded in every aspect of what we do.

Our customers’ need for transformation is our driving force. We enable them to accelerate their journey to their digital future with our deep expertise and innovative approach. Our global technology partners – Oracle, Microsoft, AWS, Red Hat, and Snowflake – help us tackle any challenge by leveraging a technology-driven approach. Our people unlock our potential. They immerse themselves into the world of our customers to truly understand the unique challenges they face.

Our teams, made up of highly skilled, passionate individuals, act with agility and integrity. We continually invest in their development and foster a culture that encourages collaboration and innovation. This is a reflection of our Strength in Balance model, which emphasises a balanced focus on our customers, our people, and a strong organisation.

Through our comprehensive range of Managed Service offerings, we take ownership of the tasks that distract Customers from what really matters; driving their business objectives and strategic initiatives. We enable them to save time, and reduce costs and risk, by continually improving your technology estates, ensuring they drive value for their business.

Go beyond simply ‘keeping the lights on’ and embrace the potential of our ASPIRE Managed Services that place AI, continuous improvement and business innovation at the heart of everything we do. From operational maintenance through to optimisation, we are trusted managed service experts with a sustainable, value-led approach and a wealth of industry sector expertise and experience.

Job Description

• Onsite role, Belfast,
• Full time position, Full time hybrid position, 2 days per week in office (not shift)
• Department: ASPIRE Managed Services
• Practice: Services Reliability Group
• Vetting Requirements: SC Clearance/CTC Clearance level is mandatory.

Role Summary:

Our ASPIRE Global Service Centre is the central hub of our Service Management operations. Beyond a traditional Service Desk, it stands as the central authority and shared service delivery hub, orchestrating all operational workflows, processes, procedures, and tooling. It’s a core delivery component of the Version 1 ASPIRE Managed Services offering that places AI, continuous improvement and business innovation at the heart of everything Version 1 does. With a focus on supporting self-service and automation, we utilise the best digital capabilities of the ServiceNow ITSM tooling product to provide the very best Experience to our Customers.

We are seeking an experienced and results-driven Vulnerability & Security Compliance Lead who plays a critical role in ensuring the security and reliability of our customers IT infrastructure. This role is responsible for leading efforts to identify, assess, and mitigate vulnerabilities, ensuring systems and applications are updated with the latest patches and compliance requirements. The role combines technical expertise, process leadership, and strategic planning to maintain strong security hygiene and safeguard our customers technology assets from potential threats. As this is a leadership role, you will ensure the service desk team leader and their analysts have the suitable tools, schedules and skills to perform the routine maintenance activities. The role will also look to support the development of the wider security operations capability under continual improvement.

Vetting Requirements: SC Clearance/CTC Clearance level is mandatory for the role.

Key Responsibilities:

• Develop and execute a comprehensive patch management strategy across all IT systems and applications.
• Coordinate and implement regular patching cycles while minimizing downtime and disruption to business operations.
• Coordinate the testing of patches prior to deployment to validate functionality and compatibility.
• Utilize vulnerability scanning tools to identify weaknesses in the IT environment.
• Analyze and prioritize vulnerabilities based on risk impact and business-criticality.
• Oversee and enforce best practice for security hygiene; access reviews, vulnerability assessment, key rotation, etc
• Collaborate with internal teams to remediate identified vulnerabilities in a timely and efficient manner.
• Ensure compliance with regulatory requirements, internal policies, and industry standards related to patching and vulnerability management
• Generate reports on vulnerability status, patching progress, and key metrics for senior leadership and audit purposes.
• Act as a point of expertise for patching and vulnerability management within the organization.
• Work closely with cross-functional teams, including IT Operations, Security, and Application teams, to align patching and remediation activities with business objectives.
• Identify inefficiencies in processes and workflows, recommending and implementing improvements to enhance service quality.
• Collaborate with third-party vendors for tools and solutions, ensuring optimal performance and cost-effectiveness.
• Perform and maintain risk assessments, gap analysis, and risk register(s).
• Supporting external assessments.
• Supporting security Incident responses.
• Supporting the development of security policies and procedures.

Qualifications

Skills, Education & Qualifications:

• Proven experience in IT patch management, vulnerability assessment, or IT security.
• Familiarity with security hygiene/compliance standards.
• Strong understanding of operating systems (Windows, Linux, etc.), applications, and network security principles.
• Proficiency in vulnerability scanning and patch deployment tools (e.g., Qualys, Tenable, SCCM, WSUS, SCOM, Manage Engine, SolarWinds, Linux distributions (Ubuntu, CentOS, RedHat etc), Ansible, AWS Patch Manager/Azure Update Manager.
• Proficiency in command line interface.
• Proficiency in Security and Vulnerability tools (e.g., Microsoft Defender for Endpoint, AlertLogic, Web Application Scanning, Tripwire, Tenable Nessus).
• Strong problem-solving, analytical, reporting and organizational skills.
• Experience or understanding of of security compliance frameworks; ISO27001, NIST, SOC2, Cyber Essentials, etc.
• Relevant certifications (e.g., CISSP, CISM, CompTIA Security+, or similar) are highly desirable.
• Detail-oriented with a proactive approach to problem-solving.
• Ability to prioritize tasks effectively in a fast-paced and dynamic environment.
• Committed to driving continuous improvement in cybersecurity processes and practices.
• Experience with ITSM tools (e.g., ServiceNow).
• Knowledge of ITIL frameworks and best practices.
• Strong communication, interpersonal, and problem-solving abilities.
• Customer-focused mindset with a commitment to delivering high-quality service.
• Strategic thinking and decision-making.
• Ability to manage multiple priorities and meet deadlines.
• Adaptability to evolving technologies, processes and security guidance’s.
• Excellent communication and stakeholder management skills.

Additional Information

At Version 1, we believe in providing our employees with a comprehensive benefits package that prioritises their well-being, professional growth, and financial stability.

One of our standout advantages is the ability to work with a hybrid schedule along with business travel, allowing our employees to strike a balance between work and life.

We prioritise the health and safety of our employees, providing private medical and life insurance coverage, as well as free eye tests and contributions towards glasses. Our team members can also stay ahead of the curve with incentivized certifications and accreditations, including AWS, Microsoft, Oracle, and Red Hat.

Our employee-designed Profit Share scheme divides a portion of our company's profits each quarter amongst employees. We are dedicated to helping our employees reach their full potential, offering Pathways Career Development Quarterly, a programme designed to support professional growth.